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PREFACE TO THE SECOND EDITION 


The Preface to the First Edition (1962) states that this is “a rather 
tightly organized presentation of elementary number theory” and that 
"number theory is very much a live subject.” These two facts are in 
conflict fifteen years later. Considerable updating is desirable at many 
places in the 1962 text, but the needed insertions would call for drastic 
surgery. This could easily damage the flow of ideas and the author was 
reluctant to do that. Instead, the original text has been left as is, except 
for typographical corrections, and a brief new chapter entitled “Pro¬ 
gress” has been added. A new reader will read the l>ook at two 
levels—as it was in 1962, and as things are today. 

Of course, not all advances in number theory are discussed, only those 
pertinent to the earlier text. Even then, the reader will be impressed 
with the changes that have occurred and will come to believe—if he did 
not already know it—that number theory is very much a live subject. 

The new chapter is rather different in style, since few topics are 
developed at much length. Frequently, it is extremely brief and merely 
gives references. The intent is not only to discuss the most important 
changes in sufficient detail but also to be a useful guide to many other 
topics. A propos this intended utility, one special feature: Developments 
in the algorithmic and computational assets of the subject have been 
especially active. It happens that the author was an editor of Mathe¬ 
matics of Computation, throughout this period, and so he was particu¬ 
larly close to most of these developments. Many good students and 
professionals hardly know this material at all. The author feels an 
obligation to make it better known, and therefore there is frequent 
emphasis on these aspects of the subject. 

To compensate for the extreme brevity in some topics, numerous 
references have been included to the author’s own reviews on these 
topics. They are intended especially for any reader who feels that he 
must have a second helping. Many new references are listed, but the 
following economy has been adopted: if a paper has a good bibliogra¬ 
phy, the author has usually refrained from citing the references con¬ 
tained in that bibliography. 

The author is grateful to friends who read some or all of the new 
chapter. Especially useful comments have come from Paul Bateman, 
Samuel Wagstaff, John Brillhart, and Lawrence Washington. 

Daniel Shanks 
December 1977 
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PREFACE TO THE FIRST EDITION 


It may be thought that the title of this book is not well chosen since 
the book is, in fact, a rather tightly organized presentation of elementary 
number theory, while the title may suggest a loosely organized collection 
of problems. Nonetheless the nature of the exposition and the choice of 
topics to be included or omitted are such as to make the title appropriate. 
Since a preface is the proper place for such discussion we wish to clarify 
this matter here. 

Much of elementary number theory arose out of the investigation of 
three problems; that of perfect numbers, that of periodic decimals, and 
that of Pythagorean numbers. We have accordingly organized the book 
into three long chapters. The result of such an organization is that motiva¬ 
tion is stressed to a rather unusual degree. Theorems arise in response to 
previously posed problems, and their proof is sometimes delayed until 
an appropriate analysis can be developed. These theorems, then, or most 
of them, are “solved problems-” Some other topics, which are often taken 
up in elementary texts—and often dropped soon after—do not fit directly 
into these main lines of development, and are postponed until Volume 11. 
Since number theory is so extensive, some choice of topics is essential, and 
while a common criterion used is the personal preferences or accomplish¬ 
ments of an author, there is available this other procedure of following, 
rather closely, a few main themes and postponing other topics until they 
become necessary. 

Historical discussion is, of course, natural in such a presentation. How¬ 
ever, our primary interest is in the theorems, and their logical interrela¬ 
tions, and not, in the history per se. The aspect of the historical approach 
which mainly concerns us is the determination of the problems which sug¬ 
gested the theorems, and the study of which provided the concepts and the 
techniques which were later used in their proof. In most number theory 
books residue classes are introduced prior to Fermat's Theorem and the 
Reciprocity Law. But, this is not at all the correct historical order. We have 
here restored these topics to their historical order, and it seems to us that 
this restoration presents matters in a more natural light. 

The “unsolved problems” are the conjectures and the open questions— 
we distinguish these two categories—and these problems are treated more 
fully than is usually the case. The conjectures, like the theorems, are in¬ 
troduced at the point at which they arise naturally, are numbered and 
slated formally. Their significance, their interrelations, and the heuristic 
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evidence supporting them are often discussed. It is well known that some 
unsolved problems, such as Fermat’s Last Theorem and Riemann’s Hy¬ 
pothesis, have been enormously fruitful in suggesting new mathematical 
fields, and for this reason alone if is not desirable to dismiss conjectures 
without an adequate discussion. Further, number theory is very much a 
live subject, and it seems desirable to emphasize this. 

So much for the title. The book is largely an exposition of known and 
fundamental results, but we have included several original topics such as 
cycle graphs and the circular parity switch. Another point which we might 
mention is a tendency here to analyze and mull over the proofs—to study 
their strategy, their logical interrelations, their possible simplifications, etc. 
It happens that such considerations are of particular interest to the author, 
and there may be some readers for whom the theory of proof is as interest¬ 
ing as the theory of numbers. However, for all readers, such analyses of 
the proofs should help to create a deeper understanding of the subject. 
That is their main purpose. The historical introductions, especially to 
Chapter Ill, may be thought by some to be too long, or even inappro¬ 
priate. We need not contest this, and if the reader finds them not to his 
taste he may skip them without much loss. 

The notes upon which this book was based wen? used as a text at the 
American University during the last year. A three hour first course in 
number theory used the notes through Sect. 48, omitting the historical 
Sects. 41-45. Rut this is quite a bit of material, and another lecturer may 
prefer to proceed more slowly, A second semester, which was partly lecture 
and partly seminar, used the rest of the book and part of the forthcoming 
Volume II. This included a proof of the Prime Number Theorem and would 
not be appropriate in a first course. 

The exercises, with some exceptions, are an integral part of the book. 
They some;times lead to the next topic, or hint at later developments, and 
are often referred to in the text. Not every reader, however, will wish to 
work every exercise, and it should be stated that while some are very easy, 
others an? not. The reader should not be discouraged if he cannot do them 
all. We would ask, though, that he read them, even if he does not do them. 

The book was not written solely as a textbook, but was also meant for 
the technical reader who wishes to pursue the subject independently. It is 
a somewhat surprising fact that although one never meets a mathematician 
who will say that he doesn’t know calculus, algebra, etc,, it is quite common 
to have one say that he doesn’t know any number theory. Yet this is an 
old, distinguished, and highly praised branch of mathematics, with con¬ 
tributions on the highest level, Gauss, Euler, Lagrange, Hilbert, etc. One 
might hope to overcome this common situation b5 r a presentation of the 
subject with sufficient motivation, history, and logic to make it appealing. 
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If, as they say, we can succeed even partly in this direction we will consider 
ourselves well rewarded. 

The original presentation of this material was in a series of twenty public 
lectures at the David Taylor Model Basin in the Spring of 1961. Following 
the precedent set there by Professor F. Murnaghan, the lectures were 
written, given, and distributed on a weekly schedule. 

Finally, the author wishes to acknowledge, with thanks, the friendly 
advice of many colleagues and correspondents who read some, or all of the 
notes. In particular, helpful remarks were made by A, Sinkov and P. 
Bateman, and the author learned of the Original Legendre Symbol in a 
letter from 1). 1L Lehmer. But the author, as usual, must take responsi¬ 
bility for any errors in fact, argument, emphasis, or presentation, 

Daniel Shanks 
May 1902 




CHAPTER I 


FROM PERFECT NUMBERS TO 
THE QUADRATIC RECIPROCITY 
LAW 


1. Perfect Numbers 

Many of the basic theorems of number theory‘stem from two problems 
investigated by the Greeks—the problem of perfect numbers and that 
of Pythagorean numbers. In this chapter we will examine the former, 
and the many important concepts and theorems to which their investiga¬ 
tion led. For example, the first extensive table of primes (by Cataldi) 
and the very important Fermat Theorem were, as we shall see, both direct 
consequences of these investigations. Euclid’s theorems on primes and 
on the greatest common divisor, and Euler’s theorems on quadratic resi¬ 
dues, may also have been such consequences but here the historical evidence 
is not conclusive. In Chapter III we will take up the Pythagorean numbers 
and their many historic consequences but for now we will confine ourselves 
to perfect numbers. 

Definition L A perfect number is equal to the sum of all its positive 
divisors other than itself. (Euclid.) 

Example: Since the positive divisors of 6 other than itself are 1, 2, and 
3 and since 


1 + 2 + 3 = 6, 

6 is perfect. 

The first four perfect numbers, which were known to the Greeks, are 

Pi = 6, 

P 2 = 28, 

P 3 = 496, 


P 4 = 8128. 
1 
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In the Middle Ages it was asserted repeatedly that P m , the mth perfect 
number, was always exactly m digits long, and that the perfect numbers 
alternately end in the digit 6 and the digit 8. Both assertions are false. In 
fact there is no perfect number of 5 digits. The next perfect number is 

P 5 = 33,550,336. 

Again, while this number does end in 6, the next does not end in 8. It also 
ends in 6 and is 


P 6 = 8,589,869,056. 

We must, therefore, at least weaken these assertions, and we do so 
as follows: The first we change to read 

Conjecture 1. There are infiyiitely many perfect numbers. 

The second assertion we split into two distinct parts: 

Open Question 1. Are there any odd perfect numbersf 

Theorem 1. Every even perfect number ends in a 6 or an 8. 

By a conjecture we mean a proposition that has not been proven, but 
which is favored by some serious evidence. For Conjecture 1, the evidence 
is, in fact, not very compelling; we shall examine it later. But primarily we 
will be interested in the body of theory and technique that arose in the 
attempt to settle the conjecture. 

An open question is a problem where the evidence is not very convincing 
one way or the other. Open Question 1 has, in fact, been “conjectured ’ 9 in both 
directions. Descartes could see no reason why there should not be an odd 
perfect number. But none has ever been found, and there is no odd perfect 
number less than a trillion, if any. Hardy and Wright said there probably 
are no odd perfect numbers at all—but gave no serious evidence to support 
their statement. 

A theorem , of course, is something that has been proved. There are 
important theorems and unimportant theorems. Theorem 1 is curious but 
not important. As we proceed we will indicate which are the important 
theorems. 

The distinction between open question and conjecture is, it is true, 
somewhat subjective, and different mathematicians may form different 
judgments concerning a particular proposition. We trust that there will 
be no similar ambiguity concerning the theorems, and we shall prove many 
such propositions in the following pages. Further, in some instances, we 
shall not merely prove the theorem but also discuss the nature of the proof, 
its strategy, and its logical dependence upon, or independence from, some 
concept or some previous theorem. We shall sometimes inquire whether 
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the proof can be simplified. And, if we state that Theorem T is particularly 
important, then we should explain why it is important, and how its funda¬ 
mental role enters into the structure of the subsequent theorems. 

Before we prove Theorem 1, let us rewrite the first four perfects in 
binary notation. Thus: 



Decimal 

Binary 

Pi 

6 

110 

p 2 

28 

11100 

Pz 

496 

111110000 

Pi 

8128 

1111111000000 


Now a binary number consisting of n l*s equals 1+2 + 4+ + 2 n ~ l — 

2 n — 1. For example, 11111 (binary) = 2 5 — 1 = 31 (decimal). Thus all 
of the above perfects are of the form 

2 »-i(2 n _ 1 ) j 

e.g., 496 = 16-31 = 2 4 (2 5 - 1). 

Three of the thirteen books of Euclid were devoted to number theory. 
In Book IX, Prop. 36, the final proposition in these three books, he proves, 
in effect, 

Theorem 2. The number 2 n ~ x (2 n — 1) is perfect if 2 n —- 1 is a prime . 

It appears that Euclid was the first to define a prime—and possibly 
in this connection. A modern version is 

Definition 2. If p is an integer, >1, which is divisible only by ±1 and 
by =tp, it is called prime . An integer >1, not a prime, is called composite. 

About 2,000 years after Euclid, Leonhard Euler proved a converse to 
Theorem 2: 

Theorem 3. Every even perfect number is of the form 2 n ~ l (2 n — 1) with 
2 n — 1 a prime. 

We will make our proof of Theorem 1 depend upon this Theorem 3 
(which will be proved later), and upon a simple theorem which we shall 
prove at once: 

Theorem 4 (Cataldi-Fermat). If 2 n — 1 is a prime , then n is itself a 
prime. 

Proof. We note that 

a” - 1 = (a - 1) (a n_1 + a n_2 +•••+«+!). 
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If n is not a prime, write it n = rs with r > 1 and s > 1. Then 

2” — 1 — (20 s - 1, 

and 2 71 — 1 is divisible by 2 r — 1, which is >1 since r > 1. 

Assuming Theorem 3, we can now prove Theorem 1. 

Proof of Theorem 1. If A is an even perfect number, 

N = 2 P ~ 1 (2 P - 1) 

with p a prime. Every prime >2 is of the form 4m + 1 or 4m + 3, since 
otherwise it would be divisible by 2. Assume the first case. Then 

N = 2 4m (2 4w+1 — 1) 

= 16 m (2 • 16™ — 1) with m §: 1. 

But, by induction, it is clear that 16 m always ends in 6. Therefore 2 • 16 w — 1 
ends in 1 and N ends in 6. Similarly, if p — Am + 3, 

N = 4- 16 m (8- 16 m - 1) 

and 4 • 16 m ends in 4, while 8 • 16 m — 1 ends in 7. Thus N ends in 8. Finally 
if p = 2, we have N = Pi = 6, and thus all even perfects must end in 
6 or 8. 

2. Euclid 

So far we have not given any insight into the reasons for 2 P ~ 1 (2 P — 1) 
being perfect—if 2 P — 1 is prime. Theorem 2 would be extremely simple 
were it not for a rather subtle point. Why should N — 2 P ~ 1 (2 P — 1) be 
perfect? The following positive integers divide N: 

1 and (2* — 1) 

2 and 2(2* - 1) 

2 2 and 2 2 (2 P - 1) 

2*" 1 and 2*~ 1 (2* - 1) 

Thus 2, the sum of these divisors, including the last, 2 P_1 (2* — 1) = A, is 
equal to 

2 = ( 1+2 + 2 2 + • • • + 2 P_1 ) [1 + ( 2 * - 1 )]. 

Summing the geometric series we have 

2 = (2* — 1) -2* = 2A. 

Therefore the sum of these divisors, but not counting A itself, is equal to 
2 — A = A. Does this make A perfect? Not quite. How do we know 
there are no other positive divisors? 
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Euclid, recognizing that this needed proof, provided two fundamental 
underlying theorems, Theorem 5 and Theorem 6 (below), and one 
fundamental algorithm. 

Definition 3. If g is the greatest integer that divides both of two integers, 
a and b } we call g their greatest common divisor , and write it 



# = (a, b). 


In particular, if 

(a, b ) = 1, 


we say that a is prime to b. 



Examples: 



2 = (4, 14) 

1 = (1, n) 

(any n) 

3 = (3, 9) 

1 = (n — 1, n) 

(any n) 

1 = (9, 20) 

It 

(any two distinct primes) 


Definition 4. If a divides 6, we write 


if not we write 


a\b; 


a\b. 

Example : 


23|2047. 

Theorem 5 (Euclid). If g — (a, b) there is a linear combination of a and 
b with integer coefficients m and n ( positive , negative , or zero) such that 

g = ma + nb. 

Assuming this theorem, which will be proved later, we easily prove a 

Corollary. If (a, c) = (6, c) = 1, then ( ab , c) = 1. 

Proof. We have 

m x a + n x c = 1 and 7n 2 b + n 2 c = 1, 
and therefore, by multiplying, 

Mab + Nc = 1 

with M = m x m 2 and N = m x n 2 a + m 2 n x b + n x n 2 c. Then any common 
divisor of ab and c must divide 1, and therefore ( ab , c) = 1. 

We also easily prove 



6 Solved and Unsolved Problems in Number Theory 

Theorem 6 (Euclid). If a, b, and c are integers such that 
c\ab and (c, a) = 1, 

then 

c\h. 

Proof. By Theorem 5, 

me + na = 1. 

Therefore 


mch + nab = b, 

but since c\ab, ab = cd for some integer d. Thus 

c(mb + nd) = b, 


or c\b. 

Corollary. If a prime p divides a product of n numbers , 


p\aia 2 • • • a n , 

it must divide at least one of them. 

Proof. If pJf a h then (a x , p) = 1. If now, p\a 2 , then we must have 
p\a x a 2 , for, by the theorem, if p\aia 2 , then p\a 2 . It follcfws that if p\a\ , 
, and p\a z , then p|aia 2 a 3 . By induction, if p divided none of a’s it 
could not divide their product. 

Euclid did not give Theorem 7, the Fundamental Theorem of Arithmetic , 
and it is not necessary—in this generality—for Euclid’s Theorem 2. But 
we do need it for Theorem 3. 

Theorem 7. Every integer , N, > 1, has a unique factorization into 
primes , pi in a standard form, 

N - PVP? Pl n , (1) 

with a,; > 0 and pi < p 2 < * • • < p n • That is, if 

n = • • • flJr (2) 

/or primes qi < q 2 < • • • < and exponents bi > 0, ^on ^ , m — n, 
and ai = bi . 

Proof. First, iV must have at least one representation, Eq. (1). Let a 
be the smallest divisor of iV which is >1. It must be a prime, since if not, 
a would have a divisor >1 and <a. This divisor, <a, would divide N 
and this contradicts the definition of a. Write a now as pi , and the quotient, 
N/pi , as Ni . Repeat the process with AT . The process must terminate, 
since 


N > AT > AT > • • • > 1, 
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This generates Eq. (1). Now if there were a second representation, by the 
corollary of Theorem 6, each pi must equal some qi , since pi\N. Likewise 
each qi must equal some pi . Therefore pi — qi and m = n. If hi > , 

divide pV into Eqs. (1) and (2). Then pi would divide the quotient in 
Eq. (2) but not in Eq. (1). This contradiction shows that = b 

Corollary. The only positive divisors of 

N = pV--- pl n 

are those of the form 


where 


0 ^ Ci g ai . 

Proof. Let /|iV and write N = fg. Express / and g in the standard 
form. Then if / and g were not both in the form of (3), their product, 
N y would have a representation distinct from Eq. (1). This contradiction 
proves the corollary. 

Now we are able to complete the proof of Theorem 2. 

Proof of Theorem 2. If 2 P — 1 = p 2 is a prime, the only positive 
divisors of 

N = 2 v-'pz 

are those listed on page 4. Therefore N is the sum of all its positive 
divisors, other than itself, and N is perfect. 

The logical structure of the theorems discussed so far is shown in the 
following diagram. The important theorems are those at the bottom. 
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They support the theorems which rest upon them. In general, the impor¬ 
tant theorems will have many consequences, while Theorem 1, for in¬ 
stance, has almost no consequence of significance. 

The proofs of Theorems 3 and 5 will now be given. 

3. Euler’s Converse Proved 

Proof of Theorem 3 (by L. E. Dickson). Let N be an even perfect 
number given by 

N = 2 n ~ 1 F 

where F is an odd number. Let 2 be the sum of the positive divisors of F . 
The positive divisors of N include all these odd divisors and their doubles, 
their multiples of 4, • • • , their multiples of 2 n “\ There are no other positive 
divisors by the corollary of Theorem 7. Since N is perfect we have 

N = 2 n ~ 1 F = (1 + 2 + • • • + 2 n_1 ) 2 - N 

or 


2 N = TF = (2 n - 1 ) 2 . 

Therefore 

2 = F + F/(2 n - 1), (4) 

and since 2 and F are integers, so must F/(2 n — 1) be an integer. Thus 

(2 W - 1)| F 

and F/(2” — 1) must be one of the divisors of F. Since 2 is the sum of 
all the positive divisors of F, we see, from Eq. (4) , that there can only be 
two, namely F itself and F/( 2 n — 1). But 1 is certainly a divisor of F. 
Therefore F/(2 n — 1) must equal 1, F must equal 2 n — 1, and 2 n — 1 
has no other positive divisors. That is, 2 n — 1 is a prime. 

4. Euclid’s Algorithm 

Proof of Theorem 5 (Euclid’s Algorithm). To compute the greatest 
common divisor of two 'positive integers a and b , Euclid proceeds as follows. 
Without loss of generality, let a S b and divide b by a: 

b = q$a + a\ 

with a positive quotient qo , and a remainder where 0 ^ a\ < a. If 
ai ^ 0, divide a by cq and continue the process until some remainder, 
a n + 1 , equals 0. 
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a — Qiai -)- a 2 

ai = q^ch + «3 


Un—2 Qn—l^n— 1 “I” 


Un—1 Qn^n • 

This must occur, since a > a\ > a 2 • • • > 0. Then the greatest common 
divisor, g = (a, 6 ), is given by 

9 = a n . (5) 

For, from the first equation, since 0 |a and 0 |b, we have 0 |ai. Then, from 
the second, since g\a and g\ai , we have g\a 2 . By induction, g\a n , and 
therefore 

g ^ On . ( 6 ) 

But, conversely, since a n |a n _i by the last equation, by working backwards 
through the equations we find that a n \a n - 2 , a n \a n - Z , • • • , a n \a and 
a n | 6 . Thus a n is a common divisor of a and b and 

a n S g (the greatest). 

With Eq. ( 6 ) we therefore obtain Eq. (5). Now, from the next-to-last 
equation, a n is a linear combination, with integer coefficients, of a n ~i and 
a n _ 2 . Again working backwards we see that a n is a linear combination of 
a n -% and a n -i-i for every i. Finally 

g = a n = ma + nb (7) 

for some integers m and n. If, in Theorem 5, a and b are not both positive, 
one may work with their absolute values. This completes the proof of 
Theorem 5, and therefore also the proofs of Theorems 6 , 7, 2 , 3, and 1 . 

Example: Let g = (143, 221 ). 

Then 221 = M43 + 78, 

143 = 1*78 + 65, 

78 = 1-65 + 13, 

65 = 513, 

and g = 13. Now 

13 = 78 - 1-65 
= 2-78 - 1143 
= 2-221 - 3-143. 
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The reader will note that in the foregoing proof we have tacitly assumed 
several elementary properties of the integers which we have not stated 
explicitly—for example, that a\b and a|c implies a\b + c; that a > 0, 
and b\a implies b g a, and that the cq in b = q 0 a + ai exists and is unique. 
This latter is called the Division Algorithm. For a statement concerning 
these fundamentals see the Statement on page 217. 

It should be made clear that the m and n in Eq. (7) are by no means 
unique. In fact, for every k we also have 

+ k^Ja + (^n — = 0 - 


Theorem 5 is so fundamental (really more so than that which bears the 
name, Theorem 7), that it will be useful to list here a number of comments. 
Most of these are not immediately pertinent to our present problem—that 
of perfect numbers—and the reader may wish to skip to Sect. 5. 

(a) The number g = (a, b) is not only a maximum in the additive sense, 
that is, d ^ g for every common divisor d , but it is also a maximum in the 
multiplicative sense in that for every d 


d\g . (8) 

This is clear, since d\a and d\b implies d\g by Eq. (7). 

(b) The number g is also a minimum in both additive and multiplicative 
senses. For if 


m\a + nib — h (9) 

for any mi and ni, we have, by the same argument, 

g\h. (10) 

Then it is also clear that 

g ^ every positive h. (11) 

(c) This minimum property, (11), may be made the basis of an alterna¬ 
tive proof of Theorem 5, one which does not use Euclid’s Algorithm. The 
most significant difference between that proof and the given one is that 
this alternative proof, at least as usually given, is nonconstructive , while 
Euclid’s proof is constructive. By this we mean that Euclid actually con¬ 
structs values of m and n which satisfy Eq. (7), while the alternative 
proves their existence , by showing that their nonexistence would lead to a 
contradiction. We will find other instances, as we proceed, of analogous 
situations—both constructive and nonconstructive proofs of leading 
theorems. 

Which type is preferable? That is somewhat a matter of taste. Landau, 
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it is clear from his books, prefers the nonconstructive. This type of proof 
is often shorter, more “elegant.” The constructive proof, on the other 
hand, is “practical”—that is, it gives solutions. It is also “richer,” that is, 
it develops more than is (immediately) needed. The mathematician who 
prefers the nonconstructive will give another name to this richness—he 
will say (rightly) that it is “irrelevant.” 

Which type of proof has the greatest “clarity”? That depends on the 
algorithm devised for the constructive proof. A compact algorithm will 
often cast light on the subject. But a cumbersome one may obscure it. 

In the present instance it must be stated that Euclid’s Algorithm is 
remarkably simple and efficient. Is it not amazing that we find the greatest 
common divisor of a and b without factoring either number? 

As to the “richness” of Euclid’s Algorithm, we will give many instances 
below, (e), (f), (g), and Theorem 10. 

Finally it should be noted that some mathematicians regard noncon¬ 
structive proofs as objectionable on logical grounds. 

(d) Another point of logical interest is this. Theorem 7 is primarily 
multiplicative in statement. In fact, if we delete the “standard form,” 
Pi < P 2 < * • • , which we can do with no real loss, it appears to be purely 
multiplicative (in statement). Yet the proof, using Theorem 5, involves 
addition, also, since Theorem 5 involves addition. There are alternative 
proofs of Theorem 7, not utilizing Theorem 5, but, without exception, 
addition intrudes in each proof somewhere. Why is this? Is it because the 
demonstration of even one representation in the form of Eq. (1) requires 
the notion of the smallest divisor? 

When we come later to the topic of primitive roots , we will find another 
instance of an (almost) purely multiplicative theorem where addition 
intrudes in the proof. 

(e) Without any modification, Euclid’s Algorithm may also be used 
to find g(x), the polynomial of greatest degree, which divides two poly¬ 
nomials, a(x) and b(x). In particular, if a(x) is the derivative of b(x ), g(x) 
will contain all multiple roots of b(x). Thus if 

b(x) = x — 5x 2 + 7x — 3, 
and b'(x) = a(x) = 3x 2 — 10x + 7, 

then g(x) = ai(x) = —f(z — 1). 

Therefore (x — 1) 2 | b(x). 

(f) Without elaboration at this time we note that the quotients, qi , 
in the Algorithm may be used to expand the fraction a/b into a continued 
fraction. 
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Thus 


and, specifically, 


a 

b 


- , i 

,, + 5 ; + 


1 _ 

<?2 + 


Qn 


143 = 1 

m i+ i+i i 
1 + -. 
5 


Similarly from (e) above, we have 

3a; 2 - lOx + 7 _ 9 

a; 3 - 5a; 2 + 7a; - 3 (3a; - 5) - 8 

(3® - 7) ’ 

(g) Finally we wish to note that, conversely to Theorem 5, if 


ma + nb = 1 


(12) 


then a is prime to b. But likewise m is prime to n and a and b play the 
role of the coefficients in their linear combination. This reciprocal relation¬ 
ship between m and a, and between n and 5, is the foundation of the so 
called modulo multiplication groups which we will discuss later. 

Now it is high time that we return to perfect numbers. 

5. Cataldi and Others 

The first four perfect numbers are 

2 ( 2 2 - 1 ), 

2 2 ( 2 3 - 1 ), 

2 4 ( 2 6 - 1 ), 

2 6 ( 2 7 - 1 ). 

We raise again Conjecture 1. Are there infinitely many perfect numbers? 
We know of no odd perfect number. Although we have not given him a 
great deal of background so far, the reader may care to try his hand at: 

Exercise 1. If any odd perfect number exists it must be of the form 

D = (p) ia+1 N 2 

where p is a prime of the form 4m + 1, a ^ 0, and N is some odd number 
not divisible by p. In particular, then, D cannot be of the form 4m + 3. 
(Descartes, Euler). 
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Any even perfect number is of the form 

2 P_1 (2 P - 1) 

with p a prime. If there were only a finite number of primes, then, of course, 
there would only be a finite number of even perfects. Euclid’s last con¬ 
tribution is 

Theorem 8 (Euclid). There are infinitely many primes. 

Proof. If Pi , p 2 , • • • , p n are n primes (not necessarily consecutive), 
then since 

N = P 1 P 2 * Pn + 1 

is divisible by none of these primes, any prime p n +1 which does divide N , 
(and there must be such by Theorem 7), is a prime not equal to any of 
the others. Thus the set of primes is not finite. 

Exercise 2. (A variation on Theorem 8 due to T. J. Stieltjes.) Let A 
be the product of any r of the n primes in Theorem 8, with 1 g r ^ n, 
and let B = pip 2 • • • p n /A. 

Then A + B is prime to each of the n primes. 

Example: pi = 2, p 2 — 3, p 3 = 5. Then 

23-5 + 1, 2-3 + 5, 2-5 + 3, 3-5 + 2 

are all prime to 2, 3, and 5. 

Exercise 3. Let A x = 2 and A n be defined recursively by 
+ n+1 = A n A n + 1. 

Show that each At is prime to every other Aj . Hint: Show that 
+ n+1 = + 1+2 ' * * A n + 1 

and that what is really involved in Theorem 8 is not so much that the p’s 
are primes, as that they are prime to each other. 

Exercise 4. Similarly, show that all of the Fermat Numbers , 

F m = 2 2 ” 1 + 1 

for m = 0, 1 , 2, • • • , are prime to each other, since 
F w +1 = FoF\ - - • F m + 2. 

Here, and throughout this book, 2 2 ” 1 means 2 (2m) , not (2 2 ) m = 2 2m = 4 m . 

Exercise 5. Show that either the +; of Exercise 3, or the F* of Exercise 
4, may be used to give an alternative proof of Theorem 8. 
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Thus there are infinitely many values of 2 P — 1 with p a prime. If, as 
Leibnitz erroneously believed, the converse of Theorem 4 were true, that 
is, if p’s primality implied 2 P — l’s primality, then Conjecture 1 would 
follow immediately from Euclid’s Theorem 2 and Theorem 8. But the 
converse of Theorem 4 is false, since already 

23|2 n - 1, 

a fact given above in disguised form (example of Definition 4). 

Definition 5. Henceforth we will use the abbreviation 

M n = 2 n — 1 . 

M n is called a Mersenne number if n is a prime. 

Skipping over an unknown computer who found that M n was prime, 
and that P 5 = 2 n M u was therefore perfect, we now come to Cataldi 
(1588). He showed that Mn and M i9 were also primes. Now Mn = 524,287, 
and we are faced with a leading question in number theory. Given a large 
number, say M ?1 = 2147483647, is it a prime or not? 

To show that N is a prime, one could attempt division by 
2, 3, • • • , N — 1, and if N is divisible by none of these then, of course, it 
is prime. But this is clearly wasteful, since if N has no divisor, other than 1, 
which satisfies 

d ^ VN 

then N must be a prime since, if 

N =fg, 

f and g cannot both be > \/N. Further, if we have a table of primes which 
includes all primes g \/N, it clearly suffices to use these primes as trial 
divisors since the smallest divisor (>1) of N is always a prime. 

Definition 6. If x is a real number, by 

M 

we mean the greatest integer 
Examples : 


1 = [1.5], 2 = [2], 3 = [3.1417], 

-1 = [-1], 724 = ivm. 

To prove that M i 9 = 524,287 is a prime, Cataldi constructed the first 
extensive table of primes—up to 750—and he simply tried division of M i 9 
by all the primes <[\/Mn] = 724. There are 128 such primes. This was 
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rather laborious, and since M n increases so very rapidly, it virtually forces 
the creation of other methods. To estimate the labor involved in proving 
some M p a prime by Cataldi’s method, we must know the number of 
primes < y/ M p . 

Definition 7. Let 


*•(») 

be the number of primes which satisfy 2 g p ^ n. 
Example : 


tt(724) = 128. 

There is no shortage of primes. A brief table shows the trend. 


n 

»(») 


10 

4 


10 2 

25 


10 3 

168 


10 4 

1,229 


10 5 

9,592 


10 6 

78,498 


10 7 

664,579 


10 8 

5,761,455 


10 9 

50,847,534 

(D. H. Lehmer) 

10 10 

455,052,511 

(D. H. Lehmer) 


This brings us to the prime number theorem. 

6. The Prime Number Theorem 

In Fermat’s time (1640), Cataldi’s table of primes was still the 
largest in print. In Euler’s time (1738), there was a table, by Brancker, 
up to 100,000. In Legendre’s time (1798), there was a table, by Felkel, 
up to 408,000. 

The distribution of primes is most irregular. For example (Lehmer), 
there are no primes between 20,831,323 and 20,831,533, while on the other 
hand (Kraitchik), 1,000,000,000,061 and 1,000,000,000,063 are both 
primes. No simple formula for *(n) is either known, nor can one be ex¬ 
pected. But, “in the large,” a definite trend is readily apparent, (see the 
foregoing table), and on the basis of the tables then existing, Legendre 
(1798, 1808) conjectured, in effect, the Prime Number Theorem. 

Definition 8, If f(x) and g(x) are two functions of the real variable 
x, we say that f(x) is asymptotic to g(x) y and write it 

f(x) ~ g(z), 
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Lim 


fix) 

9(x) 


= 1 


Theorem 9. (The Prime Number Theorem , conjectured by Legendre , 
Gauss , Dirichlet, Chebyshev , arcd Riemann; proven by Hadamard and de la 
Vallee Poussin in 1896). 


7r(n) 


n 

r>~/ --- 

log n 


No easy proof of Theorem 9 is known. The fact that it took a century to 
prove is a measure of its difficulty. The theorem is primarily one of analysis. 
Number theory plays only a small role. That some analysis must enter is 
clear from Definition 8—a limit is involved. The extent to which analysis is 
involved is what is surprising. We shall give a proof in Volume II. 

For now we wish to make some clarifications. Definition 8 does not 
mean that f{x) is approximately equal to g(x). This has no strict mathe¬ 
matical meaning. The definition in no way indicates anything about the 
difference 


merely about the ratio 

Thus 


and 


f(x) - g(x), 
f(x)/g(x). 

Ti -f- 1 Tl 

n 2 + 100 n ~ n~ 
n + n 1 ' 9 log n ^ n 


are equally true. Which function, on the left, is the best approximation to 
n 2 is quite a different problem. 


If 


f(x) ~ g(x) 

and g(x) ~ h(x) 

then f{x) ~ h(x). 


Theorem 9 may therefore take many forms by replacing nf log n by any 
function asymptotic to it. Thus 
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Theorem 9 X . 


Theorem 9 2 . 


r(n) 


n 

- 

log n — 


1 ' 


7r 



dx 

log x * 


These three versions are all equally true. Which function on the right 
is the best approximation? 

P. Chebyshev (1848) gave both Theorems 9i and 9?, but proved neither. 
C. F. Gauss, in a letter to J. F. Encke (1849), said that he discovered 
Theorem 9 2 at the age of 16—that is, in 1793—and that when Chernac’s 
factor table to 1,020,000 was published in 1811 he was still an enthusiastic 
prime counter. Glaisher describes this letter thus: 

“The appearance of Chernac’s Cribum in 1811 was, Gauss proceeds, a 
cause of great joy to him; and, although he had not sufficient patience 
for a continuous enumeration of the whole million, he often employed 
unoccupied quarters of an hour in counting here and there a chiliad.” 

Exercise 6. Compute N/ log 2NT — 1 (natural logarithm, of course!) 
for N = 10 n , n = 1 , 2, • • • , 10, and compare the right and left sides of 
Theorem 9 X . 


7. Two Useful Theorems 

Before we consider the work of Fermat, it will be useful to give two 
theorems. The first is an easy generalization of an argument used in the 
proof of Theorem 4, page 3. We formalize this argument as 

Theorem 4 0 . If x ^ y, and n > 0, then 

x — y\x n — y n . (13) 

In particular, if y = 1, 

x — \\x n — 1, (13a) 

and, if y = —y, and n is odd, 

x + y\x n + y n , (n is odd). (13b) 

The proof is left to the reader. 

Theorem 10, If a , b , and s are positive integers , we write 
S a — 1 = Ba , S b — 1 = Bb . 
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Then ij (a, b) = g, 

(B a , B b ) = B 0 , (14) 

and in particular if a is prime to 6, then s — 1 is the greatest common divisor 
of s a — 1 and s b —- 1. 

Proof. In computing g = (a, 6) by Euclid's Algorithm, the (m + l)st 
equation (page 9) is 

a m - 1 ~ “I" a m + 1 . (15) 

It follows that 

Ba m _ 1 = QmBa m + Ba m+ i (15) 

for some integer Q m , for the reader may verify that 

Ba m _i = S m ~~ 1 = B am + 1 B qm a m + + Ba m + 1 

= £(#<■„, + ! + 1) B am + £a„ +1 . 

But Ba m |B 4m a m by Eq. (13a) with x = s“ m , and n = g m , and thus 

C B an+1 + 1) 

D a m 

is an integer. Call it Q m and this proves Eq. (16). 

But were we to compute (B a , B & ) by Euclid's Algorithm, Eq. (16) 
would be the m + 1st equation and the remainder, B am+1 , of Eq. (16) 
corresponds to the remainder, a m+ 1, of Eq. (15). Therefore if (a, b ) = g , 
( B a , Bb) = . 

Corollary. Every Mersenne number , = 2 P — 1, is prime to every other 

Mersenne number. 


The correspondence between Eqs. (15) and (16) has an interesting 
arithmetic interpretation. For simplicity, let $ = 2 and thus B a = M a — 
2° - 1. Let 

b = qa + r (17) 

and 

M b = QM a + M r . (18) 

Now M x , in binary , is a string of x ones, and if the division, Eq. (18), is 
carried out in binary we divide a string of a l's into a string of b l's 


inn 


100001000 

1111111111111 

1111111111 


(18a) 


111 
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and obtain a remainder cf r l’s. On the other hand, the ancient interpreta¬ 
tion of Eq. (17) is that a stick b units long is measured by a stick a units 
long, q times, with a remainder r units long. 


mil mu m 

limlmii 



111 


(17a) 


The quotient Q , of Eq. (18), consists of the q marks (bits) made in meas¬ 
uring M b by M a ! 


Q 


0000100001000 


8. Fermat and Others 

Now we come to Pierre de Fermat. In the year 1640, France was the 
leading country of Europe, both politically and culturally. The political 
leader was Cardinal Richelieu. The leading mathematicians were Rene 
Descartes, G6rard Desargues, Fermat, and the young Blaise Pascal. In 
1637, Descartes had published La Geometrie , and in 1639 the works of 
Desargues and Pascal on projective geometry had appeared. From 1630 
on, Father Marin Mersenne, a diligent correspondent (with an inscrutable 
handwriting) had been sending challenge problems to Descartes, Fermat, 
Frenicle, and others concerning perfect numbers and related concepts. 
By his perseverance, he eventually persuaded all of them to work on perfect 
numbers. 

At this time M 2 , M 3 , , M 7 , M n , Mn , and M were known to be 

prime. But 


Mn = 23-89, 

and Fermat found that 

47 \M^ • 

The obvious numerical relationship between p = 11 and the factors 23 
and 89, in the first instance, and between 23 and 47 in the second, may 
well have suggested to Fermat the following 

Theorem 11 (Fermat, 1640), If p > 2, any prime which divides M p 
must be of the form 2 kp + 1 with k = 1, 2, 3, • • • . 

At the same time Fermat found: 

Theorem 12 (Fermat, 1640). Every prime p divides 2 P — 2: 

P\2 p - 2. (19) 

These two important theorems are closely related. That Theorem 11 
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implies Theorem 12 is easily seen. Since the product of two numbers of 
the form 2 kp + 1 is again of that form, it is clear by induction that Theorem 
11 implies that all divisors of M p are of that same form. Therefore M v 
itself equals 2 Kp + 1 for some K, and thus M p — 1 is a multiple of p. 
And this is Theorem 12. The case p = 2 is obvious. 

But conversely, Theorem 12 implies Theorem 11. For let a prime q 
divide M p . Then 

912* - 1, (20) 

and by Theorems 12 and 6, 

g|2 4_1 - 1. (21) 

Now by Theorem 10, (2* — 1, 2 , ~ 1 — 1) — 2 g — 1 where g = ( p,q — 1)- 
Since q > 1, we have from Eqs. (20) and (21) that g > 1. But since p is 
a prime, we therefore have p\q — 1, or q = sp + 1. Finally if s were odd, 
9 would be even and thus not prime. Therefore q is of the form 2 kp + 1. 
To prove Theorems 11 and 12, it therefore will suffice to prove one of the 
two. 

Several months after Fermat announced these two theorems (in a 

letter to Frenicle), he generalized Theorem 12 to the most important 

Theorem 13 (Fermat’s Theorem). For every prime p and any integer a, 

p\a v — a. (22) 

This clearly implies Theorem 12, and is itself equivalent to 
Theorem 13i . If p\a, then 

plaT 1 - 1. (23) 

For if p|a(a p_1 — 1) and p\a then by Theorem 6, pla* -1 — 1. The con¬ 
verse implication is also clear. Nearly a century later, Euler generalized 
Theorem 13i and in doing so he introduced an important function, . 

Definition 9. If n is a positive integer, the number of positive integers 
prime to n and % n is called 0(n), Euler's phi function. There are therefore 
<j>(n) solutions m of the system: 

Urn, n) = 1 

(l ^ m ^ n. 

Examples : 

0(1) = 1, <#-(2) = 1, 0(3) = 2, 0(4) = 2, 0(5) = 4, 

0(6) = 2, 0(7) = 6, 0(8) = 4, 0(9) = 6, 0(10) = 4. 

For any prime, p, <j>(p) = p — !• 
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Theorem 14 (Euler). For any positive integer m, and any integer a prime 
to m, 

m\a* {m) - 1. (24) 

Later we will prove Theorem 14, and since, for a prime p, <f>(p) = p — 1, 
this will also prove the special case Theorem 13i . That will complete the 
proofs of Theorems 13, 12, and 11. For the moment let us consider the 
significance of Fermat’s Theorem 11 for the perfect number problem. 

The first Mersenne number we have not yet discussed is Af 29 . To de¬ 
termine whether it is a prime, it is not necessary to attempt division by 
3, 5, 7, etc. The only possible divisors are those of the form 58k + 1. For 
k = 1, 2, 3, and 4 we have 58k + 1 = 59, 117, 175, and 233. But 59+M 29 . 
Again, 117 and 175 are not primes and therefore need not be tried, since 
the smallest divisor (>1) must be a prime. Finally 233|Af 29 . Thus we 
find that M 29 = 536,870,911 is composite with only 2 trial divisions. 

Exercise 7. Assume that p = 16035002279 is a prime, (which it is), 
and that q = 32070004559 divides M p , (which it does). Prove that q is 
a prime. 

Exercise 8. Verify that 

3-74 + 1 [AT*. 

(When we get to Gauss’s conception of a residue class , such computations 
as that of this exercise will be much abbreviated.) 

It has been similarly shown that Af 41 , ilf 43 , M A7 , M 53 , and M 59 are also 
composite. Up to p = 61, there are nine Mersenne primes, that is, M p 
for p = 2, 3, 5, 7, 13, 17, 19, 31, and 61. These nine primes are listed in 
the table on page 22, together with four other columns. 

The first two columns are 


s p = \vw p \ 

(25) 

Cp = ir(Sp). 

(26) 


The number c p is the number of trial divisions—a la Cataldi (see page 14) 
needed to prove M p a prime. 

Definition 10. By tt a , b {n) is meant the number of primes of the form 
ak + b which are g n. 

Examples: 

7T 4) i(50) = 6; the six primes being 5, 13, 17, 29, 37, 41 
7t 4i 3 (50) = 8; the eight primes being 3, 7, 11, 19, 23, 31, 43, 47 
*8,i(10 6 ) = 19552 
tt8 ;3 (10 6 ) = 19653 
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7T8 ,b(10 6 ) = 19623 
t 8|7 (10 6 ) = 19669. 

By Theorem 11, the only primes which may divide M p are those counted 
by the function Tv 2 p,i(n). The next column of the table is 

f P = Tr2p,i(s p ). (27) 

The last column, e v , we will explain later. (Mnemonic aid: c p means 
“Cataldi,” f p means “Fermat,” e p means “Euler.”) 


TABLE OF THE FIRST NINE MERSENNE PRIMES 


p 

M p 

S P 

Cp 

fp 

€p 

2 

3 

1 

0 

0 

0 

3 

7 

2 

1 

0 

0 

5 

31 

5 

3 

0 

0 

7 

127 

11 

5 

0 

0 

13 

8,191 

90 

24 

2 

1 

17 

131,071 

362 

72 

4 

3 

19 

524,287 (Cataldi, 1588) 

724 

128 

6 

3 

31 

2,147,483,647 (Euler, 1772) 

46,340 

4,792 

157 

84 

61 

2,305,843,009,213,693,951 

1.5-10 9 

75 -10 6 * 

1.25 TO 6 ** 

0.62-10 6 ** 


* Estimated, using Theorem 9. 
** Estimated, using Theorem 16. 


We see in the table that had Cataldi known Theorem 11, the 128 di¬ 
visions which he performed in proving M i9 a prime could have been re¬ 
duced to 6; fio = 6. 

Exercise 9. Identify the two primes in f n , namely those of the form 
26/c + 1 which are <90. Also identify the 4 primes in fn . 

We inquire now whether the ratio f p /c p will always be as favorable as 
the instances cited above. More generally, how does tv a ,b{n) compare with 
Tv(n)? Since ak + b is divisible by g = (a, b ) it is clear that the form 
ok + b cannot contain infinitely many primes unless b is prime to a. But 
suppose (a, b) = 1? If we hold a fixed there are 0(a) values of b which are 
<a and prime to a . Does each such form possess infinitely many primes? 
Two famous theorems answer this question: 

Theorem 15 (Dirichlet, 1837). If (a, b) = 1, there are infinitely many 
primes of the form ak + b. 

A stronger theorem which implies Theorem 15 (and also Theorem 9) is 

Theorem 16 (de la Vallee Poussin, 1896). If (a, b) = 1, then 

1 n ^ 1 

0(a) log n 0(a) 


W a , b ( n ) 


(28) 



From Perfect Numbers to the Quadratic Reciprocity Law 23 


or, equivalently , for any two numbers prime to a, V and b", we have 

iTa,b'(n) ^7r a ,&"(n). (29) 

We postpone the proof of Theorem 15 to Volume II, but a special case 
which we need later is proven in Section 36. The more difficult Theorem 16 
will be used as a guide in the following investigations but will not be used 
logically and will not be proven. We note that although Eq. (28) is an 
asymptotic law, we may nonetheless employ it for even modest values of 
n with a usable accuracy. Thus 0(38) = 18; more generally, for any prime 
V , 0(2p) = p — 1. Then 7r(si 9 ) = 128 and rg-7r($i 9 ) = 7.1. The number 
sought is 7T38 ,i(si 9 ) = /i 9 = 6, a reasonable agreement considering the 
smallness of the numbers involved. Generally we should expect 

fp ~ ~n c * (30) 

but it is clear that this is not an exact statement, since we give no bound 
on the error. 

Exercise 10. The ratio s p /c p may be regarded as a measure of the 
improvement introduced by Cataldi by his procedure of using only primes 
as trial divisors (page 14). Similarly, c p /f p measures the improvement 
made by Fermat. Now note that the second ratio runs about 3 times the 
first, so that we may say that Fermat’s improvement was the larger of 
the two. Interpret this constant (^3) as 2/log 2 by using the estimates 
for c p and f p suggested by Theorems 9 and 16. Evaluate this constant to 
several decimal places. 

9. Euler’s Generalization Proved 

We now return to Euler’s Theorem 14, 

- 1, (a, m) = 1 

which we will prove by the use of the important 

Theorem 17. Let m > 1. Let a*, 1 ^ i ^ 0(m), be the 4>(m) positive in¬ 
tegers <m and prime to m. Let a be any integer prime to m. Let the 4>(m) 
products , aai , aa 2, • • • , aa^ m) be divided by m, giving 

aai = qm + n (31) 

with 0 ^ n < m. 

Then the 4>(m) values of ri are distinct , and are equal to the cj>(m) values of 
a % in some rearrangement. 

Proof of Theorem 17. Since a and ai are both prime to m, so is their 
product—by Theorem 5, Corollary. Therefore, from Eq. (31), r* is also 
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prime to m and thus is equal to one of the a*. If r, = ry we have from 
Eq. (31), 

a(a; — ay) = (g t - — qj)m 
Thus from Theorem 6, since (a, m) = 1, 

m|a» — ay 

or ai — aj . Thus the r, are all distinct. 

Proof of Theorem 14 (by Ivory). The product of any two equations in 
Eq. (31) is 

aaiOj = Qm + nry 

for some integer Q , and by induction, the product of all $(m) equations in 
Eq. (31) can be written 

a* (m) aia 2 * • • a^m) — nr 2 • • • r^m) = Lm 

for some integer L. But (Theorem 17) the product of all the r* equals 
the product of all the a*. Since 

(a* (w) — l)aia 2 * * * a^( m ) 

is divisible by m, and each a t is prime to m, by Theorem 6 

m|a* (w) - 1. 

This completes the proofs of Theorems 14, 13i, 13, 12, and 11. 
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Our logical structure so far (not including Theorem 8 and the unproven 
Theorems 9, 15 and 16) is given by the diagram on the previous page. 

10. Perfect Numbers, II 

In the previous sections we have attempted to look at the perfect num¬ 
bers thru the eyes of Euclid, Cataldi and Fermat, and to examine the 
consequences of these several inspections. In the next section we take 
up other important implications which were discovered by Euler. The 
reader may be inclined to think that we have no sincere interest in the 
perfect numbers, as such, but are merely using them as a vehicle to take 
us into the fundamentals of number theory. We grant a grain of truth to 
this allegation but only a grain. For consider the following: 

If N is perfect it equals the sum of its divisors other than itself. 

N — 1 + d\ + d 2 + * * • + d n 

Dividing by N , we find that the sum of the reciprocals of the divisors, other 
than 1, is equal to 1. 


1 _ 1 , 1 , 1 , ,1 

1 '"w + di + d 2 + **'+d-/ 


For P 2 = 28, we have, for instance, 


1 7 + 14 + 28 + 4 + 2* 

Now write these fractions in binary notation. Since 7 (decimal) = 111 
(binary), we have 


+ = .001001001001 • • • 

tV — .000100100100 • • • (shift right one place) 

aV = 000010010010 ■ • • (shift right one place) 

i = .010000000000 • • • 

£ = .100000000000 • • • 
sum = 1 = .111111111111 

The fractions not only add to 1, but do so without a single carry! And 
as it is with 28, so is it with 496. Is that not perfection —of a sort? 

11. Euler and M :n 

We continue to examine the Mersenne numbers, M p , and our attempt 
to determine which of these numbers are prime. In Theorem 11 we found 
that any prime divisor of M p is necessarily of the form 2 kp + 1. We now 
seek a sufficient condition that is, given a prime p and a second prime 
q = 2kp + 1, what criterion will suffice to guarantee that q\M p ? Consider 
the first case, k = 1. Given a prime p, q — 2p + 1 may be a prime, as for 
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p = 3, or it may not, as for p = 7. If it is, q may divide M p , as 

23|Mn and 47|M 23 

or it may not, as 

11|M 6 and 59|4f 29 *. 

What distinguishes these two classes of q ? To help us discover the criterion, 
consider a few more cases: 

7|Af 3 ** and 167|M 83 

but 

83|M 4 i and 107^ihT 6 3- 

The reader may verify (in all these cases) that if p is of the form 4 m + 3 
and thus q = 8m + 7, then q\M p , whereas if p is of the form 4m + 1 and 
thus q — 8m + 3, then q\M p . Does this rule always hold? 

Consider the question in a more general form. Let q = 2Q + 1 be a 
prime with Q not necessarily a prime. When does 

g|2 Q - 1? 

By Fermat’s Theorem 13i we had 

</|2 2e - 1, 

and factoring the right side: 

q\{2 Q - 1) (2 q + 1), 

we find from Theorem 6, Corollary that either 

S|2° - 1 
or 

q\2 Q + 1. 

It cannot divide them both since their difference is only 2. Which does it 
divide? To give the answer in a compact form we write the class of integers 
8/c + 7 as 8fc - 1 and the class 8k + 5 as 8fc - 3. Then we have 

Theorem 18. If q = 2Q + 1 is prime , then 

q\2 Q — 1 if q = Sk d= 1, (32) 

a,nd 

q\2 Q +1 if q = 8k±S. (33) 

* Nonetheless M 29 is composite, since 233|M 29 . 

** Nonetheless M 3 is prime, since 7 = M 3 . 
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In view of the discussion above we can at once write the 

Corollary. If p = 4 m + 3 is a prime, with m > 0, and if q = 2p + 1 
is also a prime, then q\M p —and thus 2 *~ l M p is not perfect. 

Like Fermat’s Theorem 12, we will not prove Theorem 18 directly, 
but deduce it from a more general theorem. This time, however, the 
generalization is by no means as simple, and we shall not prove Theorem 18 
until Section 17. For now we deduce a second important consequence. 

Theorem 19. Every divisor of M p , for p > 2, is of the form 8k dz 1. 

Proof. Let q = 2Q + 1 be a prime divisor of M p . Then 

q\2M p = 2 P+1 - 2 = N 2 -2 (34) 

where N = 2 (p+1) ' 2 . 

Thus 2 = N 2 - Kq 

for some integer K. Then 

2 2 = N* - K 2 q 

for some integer K 2 , and, by induction 

2 Q = N 2q - Lq. 

Now q\N, since q\2, and thus, by Fermat’s Theorem, q\N 2Q - 1. There¬ 
fore q\2 Q — 1, and, by Theorem 18, q must be of the form 8k ± 1. Fi¬ 
nally, since the product of numbers of the form 8k ± 1 is again of that 
form, all divisors of M p are of the form 8k ± 1. 

We were seeking a sufficient condition for q\M P and found one in the 
corollary of the previous theorem. Here instead we have another necessary 
condition. Let us return to the table on page 22. We may now define 
e p , the last column. From the primes counted by f p = ir 2p- i(s p ), we delete 
those of the form 8k ± 3. By Theorem 19 only the remaining primes can 
qualify to be the smallest prime divisor of M p . We call the number of these 
primes e p . 

As an example, consider M n • For nearly 200 years, Cataldi’s M u had 
been the largest known Mersenne prime. To test M n , we examine the 
primes which are <46,340, of the form 62 k + 1, and of the form 8k ± 1. 
Let k = 4j + to with m = 0, 1, 2, and 3. Then the primes of the form 
62 k + 1 are of four types: 

248j + 1 = 8(31/) + 1 

248j + 63 = 8(31; + 8) - 1 

248 j + 125 = 8(31; + 16) - 3 

248j + 187 = 8(31/ + 23) + 3. 
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The last two types we eliminate, leaving 

ez\ — fl-248, l($3l) + 7T248, 63($3l)- 

Euler found that no prime q satisfied 

q < 46,340* 

J24 8k + 1 or 
q [248 k + 63 

and q\Mn . 

Thus M 3 i = 2147483647 was the new largest known prime. It remained 
so for over 100 years. 

Exercise 11. Show that if p = 4 m + 3, q = 2 kp + 1, and q\M p , 
then k — 4r or k = 4r + 1. If p = 4m + 1, and q\M p , then k = 4r or 
k = 4r + 3. 

Exercise 12. Show that 4p + 1 never divides M p . 

Exercise 13. Show that if p = 4m + 3, 

e p = Tsp, i(s p ) + %, 2 p-u(s p ), 

while if p — 4m + 1, 

e p = TT8p, 1 (S p ) + TT8p, 8p-n(Sp)- 

Exercise 14. Show that e p is “approximately” one half of f p . Com¬ 
pare the actual values of c 3 i, / 3 i, and e 3 i on page 22 with estimates ob¬ 
tained by Theorems 9 X and 16. 

Exercise 15. Identify the 3 primes in e^ . 

A glance at M 6 i , the last line of the table on page 22, shows that a 
radically different technique is needed to go much further. Euler’s new 
necessary condition, e p , only helps a little. But the theory underlying e p 
is fundamental, as we shall see. 

The other advance of Euler, Theorem 18, Corollary, seems of more 
(immediate) significance for the perfect number problem. It enables us 
to identify many M p as composite quite quickly. For the following primes 
p = 4m + 3, q = 2p + 1 is also a prime: p = 11, 23, 83, 131, 179, 191, 
239, 251, 359, 419, 431, 443, 491, 659, 683, 719, 743, 911, • • • . All these 
M p are therefore composite. 

In Exercise 12, we saw that 4p + 1 \M P . But if p = 4m + 1, then 
q = 6p + 1 = 8(3m) + 7 is not excluded by Theorem 19. Again we ask, 

* Note that Brancker’s table of primes sufficed. It existed then and included 
primes <100,000—see page 15. 
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for which primes p = 4m + 1 and primes q = 6p + 1, does q\M p ? But 
this time the answer is considerably more complicated than was the criterion 
for q = 2p + 1 above. A short table is offered the reader: 


Q * 6p + 11 M p 

Q = + 1 J( Mp 

V = 5, 37, 73, 233 

P = 13, 17, 61, 101, 137, 173, 181 


Exercise 16. Can you find the criterion which distinguishes these two 
classes of q ? This was probably first found (at least in effect) by F. G. 
Eisenstein. It is usually stated that the three greatest mathematicians 
were Archimedes, Newton and Gauss. But Gauss said the three greatest 
were Archimedes, Newton and Eisenstein! The criterion is given on page 
169. 

12 . Many Conjectures and Their Interrelations 

So far we have given only one conjecture. But recall the definitions of 
conjecture and open question given on page 2. Since by Open Question 1 
we indicate a lack of serious evidence for the existence of odd perfects, 
it is clear that if we nonetheless conjecture that there are infinitely many 
perfects, what we really have in mind is the stronger 

Conjecture 2. There are infinitely many Mersenne primes. 

Contrast this with 

Conjecture 3. There are infinitely many Mersenne composites, that is, 
composites of the form 2 V — 1, with p a prime. 

Is this a conjecture? Yes, it is. It has never been proven. It is clear that 
at least one of these two conjectures must be true. 

®y Theorem 18, Corollary, Conjecture 3 would follow from the stronger 

Conjecture 4. There are infinitely many primes p = 4 m + 3 such that 
q = 2p + 1 is also prime. 

But this is also unproven—although here we may add that the evidence 
for this conjecture is quite good. We listed on page 28 some small p of this 
type. Much larger p’s of this type are also known. Some of these are 
p = 16035002279, 16045032383, 16048973639, 16052557019, 16086619079, 
16118921699, 16148021759, 16152694583, 16188302111, etc. 

For any of these p, q = 2p + l| M p , and M p is a number, which if 
written out in decimal, would be nearly five billion digits long. Each such 
number would more than fill the telephone books of all five boroughs of 
New York City. Imagine then, if Cataldi were alive today, and if he set 
himself the task of proving these M p composite—by his methods! Can’t 
you see the picture—the ONR contract—the thousands of graduate as- 
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sistants gainfully employed—the Beneficial Suggestion Committee, etc.? 
But we are digressing. 

Conjecture 4 also implies the weaker 

Conjecture 5. There are infinitely many primes p such that q = 2p + 1 
is also prime. Or , equivalently , there are infinitely many integers n such that 
n 1 is prime , and n is twice a prime. 

Conjecture 5 is very closely related* to the famous 

Conjecture 6 (Twin Primes). There are infinitely many integers n such 
that n — 1 and n + 1 are both primes. 

While more than one hundred thousand of such twins are known, e.g., 
n = 4, 6, 12, 18, 30, • • • , 1000000000062, 1000000000332, 
140737488353508, 140737488353700, a proof of the conjecture is still 
awaited. Yet it is probable that a much stronger conjecture is true, namely 

Conjecture 7 (Strong Conjecture for Twin Primes). Let z(N) be the 
number of pairs of twin primes , n — 1 and n + 1, for 5 S n + 1 ^ N. 
Then 

~ 1.3203236 

The constant in Eq. (35) is not empirical but is given by the infinite 
product 

1.3203236 -2 g{l — (35a) 

taken over all odd primes. 

In Exercise 37S, page 214, we will return to this conjecture. It is known 
to be intimately related to the famous 

Conjecture 8 (Goldbach Conjecture). Every even number >2 is the sum 

of two primes. 

Examples: 

4 = 2 + 2 
6 = 3 + 3 
8 = 3 + 5 

10 = 5 + 5 = 3 +7, etc. 

Returning to Conjecture 5, we will indicate now that it is also related 

* By “related” we mean here that the heuristic arguments for the two conjectures 
are so similar that if we succeed in proving one conjecture, the other will almost 
surely yield to the same technique. 
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to Artin’s Conjecture and to Fermat’s Last Theorem, but it would be too 
digressive to give explanations at this point. 

We had occasion, in the proof of Theorem 19, to use the fact that 

2 M p = N 2 -2 

for some N . Thus Conjecture 2 implies the much weaker 

Conjecture 9. There are infinitely-many n for which n 2 — 2 is twice a 
prime. 

This is clearly related to 

Conjecture 10. There are infinitely many primes of the form n 2 — 2. 

While more than 15,000 of such primes are known, e.g. n = 2, 3, 5, 
7, 9, • * * , 179965, • • • , a proof of the conjecture is still awaited. Yet it is 
probable that a much stronger conjecture is true, namely 

Conjecture 11. Let P_ 2 (A) he the number of primes of the form n 2 ~ 2 
for 2 ^ n g N. Then 

P_,(tf)~ 0.9250272 f AL . (36) 

h log n 

On page 48 we will return to this conjecture. It is known to be related to 

Conjecture 12. Let Pi(N) be the number of primes of the form v? -j - 1 
for 1 ^ n g N. Then 


Pi(N) ~ 0.6864067 f . (37) 

J 2 log n 

As in Eq. (35), the constants in Eqs. (36) and (37) are given by certain 
infinite products. But we must postpone their definition until we define 
the Legendre Symbol. 

Exercise 17. On page 29 there are several large primes p for which 
q = 2p + 1 is also prime. These were listed to illustrate Conjecture 4. Now 
show that the q ’s also illustrate Conjecture 10. 

But we do not want to leave the reader with the impression that number 
theory consists primarily of unsolved problems. If Theorems 18 and 19 have 
unleashed a flood of such problems for us, they will also lead to some beauti¬ 
ful theory. To that we now turn. 

13. Splitting the Primes into Equinumerous Classes 

Definition 11 . Let A and B be two classes of positive integers. Let A(n) 
be the number of integers in A which are ^ n; and let B{n) be similarly 
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defined. If 

A(n) ~ B{n ) 

we say A and B are equinumerous. 

By this definition and Theorem 16 the four classes of primes: 8fc + 1, 
8fc — 1, 8A: + 3, and 8fc — 3 are all equinumerous. Now Theorem 18 stated 
that primes q = 2Q + 1 divide 2° - 1 if they are of the form 8k + 1 
or 8fc - 1. Otherwise they divide 2° + 1. Therefore the two classes of 


primes which satisfy 

q\2 Q - 1 and q\2 Q + 1 

are also equinumerous. 

18 not directly, 

We expressed the intent (page 27) to prove Theorem 
but, following the precedent: 

Theorem 13 —> Theorem 12, 

to deduce it from the general case. The difficulty is that the generalization 
is not at all obvious. For the base 3, there is 

Theorem 20. If q = 2Q+ 1 ^ 3 is a prime , then 

S|3° - 1 if q = 12fc =fc 1, 

and 

(38) 

q\S^ + 1 if Q = =b 5. 

(39) 


Here, again, we find the primes, (not counting 2 and 3) , split into equi¬ 
numerous classes. But this time the split is along quite a different cleavage 
plane—if we may use such crystallographic language. Thus 7|2 ■— 1, 
while 7|3 3 + 1. 

Since primes of the form 8k + 1 are either of the form 24k + 1 or of 
the form 24fc + 17; and since primes of the form 12fc — 5 are either of 
the form 24 k + 7 or of the form 24fc + 19; etc., the reader may verify 
that Theorems 18 and 20 may be combined into the following diagram: 

For q = 24k + b = 2Q + 1 = prime: 


q | 2 Q _ i -► 

b = 1, 23. 

b = 7, 17. 

q|2 Q + 1 -► 

b = 11, 13. 

b = 5, 19. 


t 

t 1 


q|3® - 1-1 *-+ 1 
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There are, of course, 8 different 6’s, since 0(24) = 8. It will be useful for 
the reader at this point, to know a formula of Euler for his phi function. 
In Sect. 27, when we give the phi function more systematic treatment, we 
will prove this formula. If N is written in the standard form, Eq. (1), then 

*W) - W (l - i) (i - I) ■ ■ • (t - 1) . 

As an example 

0(24) = 24(1 — *)(1 — *) = 8. 

But this does not end the problem of the generalization. Still another 
base, e.g., 5, 6, 7, etc., will introduce still another cleavage plane. The 
problem is this: What criterion determines which of the odd primes q , 
(which do not divide a), divide a Q — 1, and which of them divide a Q + 1? 
By Theorem 13i exactly one of these conditions must exist. 


14. Euler’s Criterion Formulated 

The change of the base from 2 to 3 changes the divisibility laws from 
Eqs. (32) and (33) in Theorem 18 to Eqs. (38) and (39) in Theorem 20. 
Euler discovered what remains invariant. In the proof of Theorem 19 the 
following implication was used: If there is an N such that q\N 2 — 2, then 
q\2 Q — 1 . The reader may verify that the number 2 plays no critical role 
in this argument, so that we can also say that if there is an N such that 
q\N 2 — a, and if q\a , then q\a Q — 1 . The implication comes from Fermat’s 
Theorem 13i, and the invariance stems from the invariance in that theorem. 

Now Euler found that the converse implication is also true. Thus we 
will have 


Theorem 21 (Euler’s Criterion). Let a be any integer , (;positive or nega¬ 
tive), and let q = 2Q + 1 be a prime which does not divide a. If there is an 
integer N such that 

q\N 2 — a, then q\a Q — 1. 

If there is no such N , then q\a Q + 1 .It follows that the converses of the last 
two sentences are also true. 


Before we prove this theorem, it will be convenient to rewrite it with a 
“notational change” introduced by Legendre. 

Definition 12 (Legendre Symbol—the current, but not the original 
definition). If q is an odd prime, and a is any integer, then the Legendre 

Symbol (^) has one of three values. If q\a, then ^ = 0. If not, then 

^ = +1 if there is an N such that q\N 2 — a, and (^ = — 1 if there is 
not. 
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Examples : 




+ 1 since 7|3 2 — 2. 


V - 


© 


- = +1 

.fly 


G)- 


since, for every <?, g|l 2 — 1. 


+ 1 if g|a, since, for every q, q\a — a . 


Now we may rewrite Euler’s Criterion as 

Theorem 2lx . If q = 2Q + 1 is a prime , and a is any integer , 


Ala 13 - 



(40) 


We may remark that usually Euler’s Criterion is presented as a method 

of evaluating by determining whether q\a Q — 1 or not. The reader 

may note that we are approaching Euler’s Criterion from the opposite 
direction. The fact is, of course, that Euler’s Criterion is a two-way im¬ 
plication, and may be used in either direction. 

Exercise 18. From Theorems 18 and 21 x show that for all odd primes p, 


Likewise 



(41) 


(42) 


where the square bracket, [ ], is as defined in Definition 6. 

Exercise 19. Determine empirically the “cleavage plane” for <z|5 Q =b 1, 
which is mentioned on page 33, by determining empirically the classes of 
primes q which divide N 2 — 5, and those which do not. That is, factor N 2 
5 for a moderate range of IV, and conjecture the classes into which the 
prime divisors fall. You will be able to prove your conjecture after you 
learn the Quadratic Reciprocity Law . 

Exercise 20. On the basis of your answer to the previous exercise, 
extend the diagram on page 32 to three dimensions, with the three cleavage 
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planes, 2 Q =h 1, 3 Q ± 1, and 5 Q ± 1. In each of the eight cubes there will be 
four values of 5, corresponding to four classes of primes, q = 120 k + b. 
All together there will be 32 classes, corresponding to 0(120) = 32. 

15. Euler’s Criterion Proved 

Our proof of Theorem 21 : will be based upon a theorem related to 
Theorem 17. 

Theorem 22. Let q be prime , and let ai , i — 1,2, • • • , q — 1, be the posi¬ 
tive integers < q. Let a be any integer prime to q. Given any one of the ai , 
there is a unique j such that 

q\aiaj — a. (43) 

Proof. By Euclid’s Eq. (7), page 9, there is an m and an n such that 

mat + nq = 1, 

or 

maai + naq = a. (44) 

Since (m, q) = 1, we have q\ma and if we divide ma by q we obtain 

ma — sq + aj (45) 

for some j and some s. From Eqs. (44) and (45), 

q\aiaj a. 

Now, for any k such that 

q\aia k — a, 

we have 

q\ai(ak — aj), 

and, since q\ai , we have q\(a k — aj) , that is, k ~ j. 

Now we can prove Theorem 21i. 

Proof of Theorem 21i (by Dirichlet). Assume first that 

With reference to Definition 12, this implies that the j and i in Eq. (43) 
can never be equal. Therefore, by Theorem 22, the 2 Q integers a* must 
fall into Q pairs, and each pair satisfies an equation: 

ai aj = a + Kq 

for some integer K. The product of these Q equations is therefore 

(2Q)! = a Q + Lq 



(46) 
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for some integer L. Therefore 

(^j = — 1 implies q\a Q — (2 Q)!. 

Now assume ^ = +1. Then q\N 2 - a for some N, and, since q\N 


( 47 ) 


we may write N = sq + a r for some s and r. Therefore 


(48) 


q\a r — a. 

If, for any t, 

q\a t 2 - a , 

then from Eq. (48), 

g\ai 2 — a 2 , or q\(a t — a r )(a t + a,). 

Thus either t = r, or a t + a r = mq. In the second case, since a t and a r 
are both <q } m = 1 , and therefore a t = q — a t . Thus if = +1, there 
are exactly two values of a* which satisfy the equation 

q\x 2 — a. 

These two values, a T and a t = q — a r , satisfy 

— ctAt = a + Kq (49) 

for some K. 

The remaining 2Q — 2 values of a 4 - fall into Q — 1 pairs (as before) and 
each such pair satisfies Eq. (46). The product of these Q — 1 equations, 
together with Eq. (49), gives 

— (2Q)! = a Q + Mq 

for some M. Therefore 

( 50 ) 


-J = +1 implies q\(2Q)\ + a Q . 


Equations (47) and (50) together read 


q\ 


©< 2 ® ! 


+ a Q . 


(51) 


If we let a = 1 , by the third example of Definition 12, we have, for every q, 

fl |(2Q)! + l. (52) 
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Therefore (2Q)! = — 1 + Kq for some K , and Eq. (51) becomes 


q\a Q - 



(53) 


Finally if 


= 0, q\a , and Eq. (53) is still true. This completes the proof 


of Theorem 21 x . 

It may be noted, that if b 2 — a , then by Eq. (40), and the last example 
of Definition 12, we again derive 


q\b 2Q - 1 , 


which is Fermat's Theorem 13i. This theorem is therefore a special case 
both of Euler's Theorem 14, and his Theorem 21 x . 


Exercise 21. There have been many references to Fermat's Theorem 
in the foregoing pages. With reference to the preceding paragraph, review 
the proof of Theorem 21 x to make sure that a deduction of Fermat's Theo¬ 
rem from Euler's Criterion is free of circular reasoning. 

We have set ourselves the task of determining the odd primes q = 2Q + 1 
which divide a Q — 1 . Euler's Criterion reduces that problem to the task of 

evaluating This, in turn, may be solved by Gauss's Lemma and the 


Quadratic Reciprocity Law. It would seem, then, that Euler's Criterion 
plays a key role in this difficult problem. Upon logical analysis, however, 
it is found to play no role whatsoever. Theorem 21 and Definition 12 will 
be shown to be completely unnecessary. Both are very important—for 
other problems. But not here. If we have nonetheless introduced Euler's 
Criterion at this point it is partly to show the historical development, and 
partly to emphasize its logical independence. 

16. Wilson's Theorem 

In the proof of Theorem 21 x we have largely proven 


Theorem 23 (Wilson’s Theorem). Let 


N = (q - 1)! + 1. 


Then N is divisible by q if and only if q is a prime. 

Proof (by Lagrange). The “if" follows from Eq. (52) if q is an odd 
prime, since q — 1 = 2 Q. If q = 2, the assertion is obvious. If q is not 
a prime, let q ~ rs with r > 1 and $ > 1 . Then, since s\(q — 1)!, s\N. 
Therefore q\N and q\N only if q is prime. 

The reader will recall (page 14) that when we were still with Cataldi, 
we stated that a leading problem in number theory was that of finding an 
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efficient criterion for primality. In the absence of such a criterion, we have 
used Fermat’s Theorem 11, and Euler’s Theorem 19, to alleviate the 
problem. Now Wilson’s Theorem is a necessary and sufficient condition 
for primality. But the reader may easily verify that it is not a practical 
criterion. Thus, to prove Mi$ a prime, we would have to compute: 

5242871524286! + 1. (54) 

But the arithmetic involved in Eq. (54) is much greater than even that 
used in Cataldi’s method. We will return to this problem. 

Exercise 22. If q = 2 Q -f- 1 is prime, and Q is even, 

sl(Q0 2 + i- 

Exercise 23. 



and therefore all odd divisors of n 2 + 1 are of the form 4 m + 1. 

Exercise 24. For a prime q — 4 m + 1, find all integers x which satisfy 

«l* 2 + 1. 

Exercise 25. We seek to generalize Wilson’s Theorem in a manner 
analogous to Euler’s generalization of Fermat’s Theorem. Let m be an 
integer >1 and let a, be the 4>(m) integers 1, • • • , m — 1 which are prime 
to m. Let A be the product of these 4>(m) integers a,. Then for m = 9 
or 10, say, we do find m\A + 1 analogous to p\(p — 1)! + 1 for p prime. 
But for m = 8 or 12 we have, instead, m\A — 1. Find one or more addi¬ 
tional composites m in each of these categories. We will develop the com¬ 
plete theory only after a much deeper insight has been gained—see Ex¬ 
ercise 88 on page 103. 

17. Gauss’s Criterion 

After our digression into Euler’s Criterion, we return to the problem 
posed on page 33. Which of the primes q = 2Q + 1, which do not divide 
a, divide a Q — 1? The similarity of Theorems 18 and 20, for the cases 
a = 2 and a = 3, may create the impression that the problem is simpler 
than it really is. But consider a larger value of a —say a = 17. Then it will 
be found that primes of the form 34/c ± 1, 34 k ± 9, 34/c ± 13, and 34/c ± 15 
divide 17° - 1, while 34 k ± 3, 34/c ± 5, 34 k ± 7, and 34/c ± 11 divide 
17 c + L Such complicated rules for choosing up sides seem obscure in¬ 
deed. Thus the complete, and relatively simple solution for every integer 
a, at the hands of Euler, Legendre, and Gauss, may well be considered a 
Solved Problem par excellence. 
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A large step in this direction stems from the simple 

Theorem 24. Let ai(i = 1,2, • • • ,Q) be the positive odd integers less than 
a prime q = 2Q + 1, and let a be any integer not divisible by q. Let 

aa t = qiq + r* (0 < r* < q) (55) 

as in Eq. (31) of Theorem 17, (page 23). In addition to the result given 
there that all Q of these r * are distinct , it is also true that no two of them add 
to q: 

Ti + 77 q. (56) 

Proof. If r* + 77 = q, then, from Eq. (55), 

a(ai + af) = Kq (57) 

for some integer K. But a, + aj is even and < 2 q. Therefore q\ai + dj 
and Eq. (57) implies q\a. Since this cannot be, we obtain Eq. (56). 

From this simple observation we obtain an important result which we 
will call Gauss’s Criterion. 

Theorem 25 (Gauss’s Criterion). Let q , a, a*, and r { be as in the previous 
theorem , and let 7 be the number of the ri which are even —and therefore not 
equal to some . Then 

q\a Q - (58) 

i.e., q\a Q — 1 or q\a Q + 1 according as y is even or odd. 

Proof. The set of Q remainders, 77 , given by Eq. (55), consists of 7 
even integers and Q — 7 of the odd integers ai . Let each of the 7 even 
integers, 77 , be written as q — a k for some k . But this ak cannot be r m , 
one of the Q — 7 odd remainders, since, if it were, we would have rj + 
tv = q in violation of Theorem 24. Therefore, for each , either ai is one 
of the odd r* or q — ai is one of the even , but not both. In the first case 
we have 


aaj = qjq ai 

for some j , and in the second case we have 

aa k = q k q + (q — ai) 
= (q k + l)q — ai 


(59) 

( 60 ) 


for some k. 

If we now take the product of the 7 equations of type Eq. (60) and the 
Q — 7 equations of type Eq. (59) we obtain 

a Q (aiQ 2 • • • a Q ) = Lq + (— \) y (a } a 2 • • • a Q ) 
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for some integer L. Proceeding as we did in Theorem 14 (page 24) we 
obtain Eq. (58). 

Exercise 26. Derive Fermat’s Theorem from Gauss’s Criterion, and, 
as in Exercise 21, check against circular reasoning. 

With Gauss’s Criterion we may now easily settle Theorem 18. 

Proof of Theorem 18. Let a = 2 in Theorem 25. If Q is odd, there are 
(Q + l)/2 odd numbers, 1, 3, 5, • • ■ , Q, whose doubles 

2-l,2-3, ••• ,2 Q 

are less than q. Therefore q% = 0 in Eq. (55), and these even products, 
2a*, are themselves the r*. The remaining products 

2(Q + 2),2(Q + 4), ••• ,2(2Q - 1) 

will have q* = 1 and therefore their r t - will be odd. Thus, if Q is 
odd, 7 = (Q + l)/2. Likewise, if Q is even, the Q/2 products 

2-1,2-3, ,2 (0 - 1) 

have even r*, and y = Q/2. Both cases may be combined, using Definition 
6, in the formula 

From Eq. (58) we therefore have 

q\2 Q — ( — l) {gf+1/4J (compare Exercise 18). (61) 

Finally if q = 8k ± 1, = And if <Z = =b 3, ^ 

2k ± 1. This completes the proof of Theorem 18, and therefore also of 
Theorem 19. 

18. The Original Legendre Symbol 

With the proofs of Theorems 18 and 19, we might consider now whether 
we should pursue the general problem, q\a Q =t 1, or whether we should 
return quickly to the perfect numbers. But there is little occasion to do the 
latter. We have already remarked (page 28) that “a radically different 
technique is needed to go much further.” Such a radically different tech¬ 
nique is the Lucas Criterion. But to obtain this we need some essentially 
new ideas. And to prove the Lucas Criterion we will need not only Theorem 
18, but also Theorem 20—the case a = 3. We therefore leave the perfect 
numbers, for now, and pursue the general problem. 

Legendre’s original definition of his symbol was not Definition 12, but 
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Definition 13 (Original Legendre Symbol). If q = 2Q + 1 is prime, and 
a is any integer, then ( a\q ) has one of three values. If q\a , then ( a\q ) = 0. 
If not, then (a|<j) = +1 if q\a Q — 1 and (a\q) = — 1 if q\a Q + 1. In every 
case 

3|a® - (a|g). (62) 

This looks very much like Euler’s Criterion. But of course it isn’t. It is 
merely a definition, not a theorem. Further, there is nothing in this defini¬ 
tion about an N such that q\N 2 — a, etc. In view of Theorem 21i, 
Eq. (40), it is clear that 

(a[q) = . (63) 

We stated above, however, (page 37) that the solution of the problem 
q\a Q dz 1 is logically independent of Euler’s Criterion and Definition 12. 
For the present then, we will ignore Eqs. (63) and (40), and confine 
ourselves to Definition 13 and Eq. (62). 

In terms of the original Legendre symbol we may rewrite Gauss’s 
Criterion as 

Theorem 25 x . With all symbols having their previous meaning , we have 

(Olfl) = (-1 ) 7 (64) 

if q\a. 

The symbol (a|$) has two important properties—it is multiplicative and 
periodic. 

Theorem 26. 


(<*%) = (a\q)(b\q). 

(a + kq\q) = (a\q) (for any integer k). 


Proof. Since 

a° = Kq + (a\q), 
and b Q = Lq + (b|<z), 

we have (nb) Q = Mq + (a\q)(b\q) 

for some integers K, L, and M. But since 

(ab) Q = Nq + (a&|g) 


(65) 

( 66 ) 


we have 


q\(a\q)(b\q) - (ab\q). 


( 67 ) 
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Again, by Eq. (13), 

q\(a + kq) n — a n 

for every n. Therefore q\(a + kq) Q — a Q or 

q\(a + kq\q) - ( a\q ). (68) 

Since the right sides of Eqs. (67) and ( 68 ) are less than q in magnitude, 
they must both vanish, and therefore Eqs. (65) and ( 66 ) are true. 

To solve the problem q\a Q d= 1 , we must evaluate (a\q). If q\a> there is 
no problem. Let q\a and let a be a positive or negative integer written 
in a standard form 


a = ±pVp? * • • Vn . (69) 

By factoring out pV for every even ai , and p a f~ l for every odd a y > 1 , 
we are left with 


a = ±ViPk • ■ • PmN 2 , (70) 

a product of primes times a perfect square N 2 . Now, from Eq. (65), 

(N 2 \q) = (N\q)(N\q) = +1 (71) 

since q\N, so that, from Eq. (65), we have 

(a|g) = (±l|tf)(py| 2 ) ••• (p m | q). (72) 

If the first factor is ( — 1 Jg), from Eq. (62) we have 

(—lie) = (-1)°. (73) 

Otherwise 


(H<?) = I- (74) 

If pj = 2 , from Eq. (61) we have 

(2| 5 ) = (_i) «*+»"). ( 75) 

Therefore to evaluate any (a|^) there remains the problem of evaluating 
( p\q ) for any two odd primes p and q . 


19. The Reciprocity Law 

By examining many empirical results (such as those of Exercise 19), 
Euler, Legendre and Gauss independently discovered a most important 
theorem. But only Gauss proved it—and it took him a year. In terms of the 
original Legendre Symbol we write 

Theorem 27 (The Reciprocity Law). If p = 2P + 1 and q = 2Q + 1 

are unequal primes , then 


(p\q)(q\p) = (-i) PQ . 


(76) 
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The theorem may also be stated as follows: ( p\q ) = ( q\p ) unless p 
and q are both of the form 4m + 3. In that case, PQ is odd, and ( p\q ) = 

-(glp)- 

Before we prove Theorem 27, let us state right off that it completely 
solves our problem, q\a Q =b 1 . We stated above that what remained was to 
evaluate all ( p\q ). But if p > q we may write p — sq + r and therefore, 
by Eq. ( 66 ), (p\q) — (r\q) . Without loss of generality we may therefore 
assume p < q. But in that case we may use Eq. (76) and obtain 

(pig) = (-^(glp) 

so that if q = sp + r, 

(pig) = (-i) p Vlp)- 

Thus we reduce a symbol whose right argument is a prime q to one whose 
right argument is a smaller prime p . By continuing this reduction we must 
eventually get down to a symbol 

(- 11 ?), (llg), or ( 2 | q) 

which we can evaluate by Eqs. (73), (74) or (75). 

To illustrate these reductions we will evaluate several ( a\q ) and prove 
one theorem. In carrying out any step of a reduction it will be convenient 
to write 


(Hg) = lu 
(- 11 $) = (- 1)5 
( 2 |$) = (-Di ™ 41 

(' aN 2 \q ) = (a|$) s (if q\N) (77) 

(a%) = («|g)(&lg)Af 
(a + kqlq) = (a|$) P 
(Pig) = (-D p *(glP)« 

depending on whether that step uses the 4 'unit/’ ^^ negative, ,, “double,” 
“square,” “multiplicative,” “periodic,” or “reciprocity” rule. There is no 
unique method of reduction. Thus 

(8]17) = (2|l7) s = +lz>, 

or 

(8|17) = (-9|17)p = ( —l|l7) s = +liv, 

or 

(8|17) = (25|17) P = (l|l7) s = + U , 



44 


Solved and Unsolved Problems in Number Theory 


or 

(8|17) = (—26(17), = (26|17W = (13|l7W 
= (17|l3) B = (4|l3)p = +lst/. 

Any path leads to the same answer, (8|l7) = 1, and this implies 17|8 8 — 1. 
Again, 

(17|47) = (47|17)„ = (13|17), = +1 (as above). 
(17|47) = (64|17)p = +l sv . 

Therefore 47|l7 23 — 1. 

A third example raises a new point. We have 

(15|47) = (3|47)(5|47), = —1(47|3) (47|5) B 

= -1(-1|3)(2|5)p = (2|5)» = -1 D . 

But (15|47) =L -1(47|15) b= ? -l(2|l5) B i -Id. 

In the second “reduction” we did not factor 15 and we applied the rules 
(77) to (47|15) and (2 [15). But 15 is not a prime I Nonetheless we obtained 
the correct answer. We will return to this pleasant possibility in Volume 
II when we study the Jacobi Symbol. Now let us prove Theorem 20. 

Proof of Theorem 20. 

(3|l2fc + 1) = (12fc + l|3) B = (1|3)p = l v . 

(3|l2fc - 1) = — 1 • (12fc - l|3) B = —1 - (— 1|3)p = 1 N . 

(3|l2 k + 5) = (12fc + 5|3) b = (— l|3)p = -l w . 

(3|l2fc - 5) = —l(12fc - 5|3) b = -1-(1|3)p = -1^. 

Therefore q = 12fc ± l|3° — 1 and 

q = 12fc ± 5|3° + 1. 

We note, in passing, that Theorem 20 makes an assertion concerning 
(31 q) for infinitely many q, while in the proof we need evaluate only finitely 
many Legendre Symbols. It is, of course, the Reciprocity Law, together 
with Eq. (66), that brings about this economy. 

Exercise 27. Verify the statements on page 38 concerning 17 Q ± 1. 

Exercise 28. Investigate the possibility of always avoiding the “double” 
rule, inasmuch as 

(2|«) = (-l|«)(g - 2 | q) 

If so, it means that our original motivation, q\2 Q db 1, is the one thing we 
do not need in determining q\a Q ± 1. 
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The simplest and most direct proof of the Reciprocity Law is perhaps 
the following modification of a proof by Frobenius. It is based on Gauss’s 
Criterion. 

Proof of Theorem 27. Let q = 2Q + 1 and p = 2P + 1 be distinct 
primes. Let a be an odd integer satisfying 0 < a < p such that 

qa = pa' + r (78) 

with r an even integer satisfying 0 < r < p. If y is the number of such a, 
by Eq. (64) we have 

(q\p) = (-D 7 . 

It follows from Eq. (78) that for each such a, the corresponding a' is also 
odd , is unique, and satisfies 0 < a' < q. 

By symmetry 

(plfl) - (-1 v 

where 7 ' is the number of odd a' such that 

pa! = qa + r (79) 

with 0 < a' < q y 0 < r < q, 0 < a < p y and with a odd. Again, for each 
such a', a is unique. 

If we now consider the function 


R{a, a') — qa — pa' 

where a — 1,3, 5 , • • • , p — 2, and a' = 1, 3, 5, • • • , q — 2, we see that 
there are 7 of these R which satisfy 0 < R < p, and 7' of these R which 
satisfy —q<R< 0. Since there is no R = 0 (because a < p and p is a 
prime), we see that there are 7+7' values of R such that 

—q<R<p. (80) 

But if Ri — qa 1 — paf is one of these, then so is R% = qa% — pa 2 ' where 


ai + 02 = p - 1, 

ai + a 2 ' = q — 1, 

and therefore 


(81) 


ft + R 2 = p — q- 

For, the mean value of Ri and R 2 equals the mean value of the limits of 
Eq. (80), — q and p. Therefore if Ri is even, and between these limits, 
so will R 2 be even and between the limits. And likewise if a x is odd and 
between 0 and p — 1 , so is 02 . And similarly with a/ and a 2 '. 
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Therefore each R in Eq. (80) has a companion R in Eq. (80), given by 
Eq. (81), unless 

ai = a 2 = (p - l)/2 = P, and a/ = a/ = Q. (82) 

Bat, since every a and a' is odd, Eq. (82) cannot occur unless P and Q are 
both odd. Conversely, if P and Q are both odd, there is a self-companioned 

R = qP-pQ = P- Q 

given by Eq. (82), which does satisfy Eq. (80). 

Thus 7 + y' is even unless P and Q are both odd. But so is PQ even, 
unless P and Q are both odd. Therefore 


(alpXpl 2) = (-i) 7+1 " = (~i) PQ 


and Theorem 27 is proven. 

Gauss gave seven or eight different proofs of the Reciprocity Law. All of 
them were substantially more complicated than the one we have given— 
and the first proof, as we have said above, took him a year to obtain. 
Yet the given proof, based on Gauss's Criterion, seems quite straight¬ 
forward and simple. We will return later to this question—since we are 
interested, among other things, in the reasons why some proofs are com¬ 
plicated, and in the feasibility of simplifying them. 

We may note that the proofs of Theorem 25 (Gauss's Criterion) and of 
Theorem 27 just given, are similar in strategy to parts of Dirichlet's proof of 
Euler's Criterion (page 35). In both cases we multiply Q equations 
together, and in both cases we set up “companions"—except that in 
Euler's Criterion the companions are multiplicative, as in Eq. (46), while 
in Theorem 27 they are additive, as in Eq. (81). Again, in both cases, the 
self-companioned singularity (which may or may not occur) is the 
critical point of the proof. 


Exercise 29. Show that if the Q numbers a { in Theorem 24 are the num¬ 
bers 1, 2, • • • , Q instead of the odd numbers, the theorem is still true. 

Exercise 30. Modify Theorem 25 in accordance with the different set 
of a { in the previous exercise. (For this different set and with the use of 

instead of (a\q), this result is called Gauss's Lemma.) Carry out the 
details of the new proof. 


Exercise 31. With the variation on Theorem 25 of the previous example, 
carry out another proof of Theorem 27—with “companions," etc. 

Exercise 32. Consider Eq. ( 80 ) and show that each R such that p < R 
can be put into one-to-one correspondence with an R such that R < —q. 
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If the number in each set is A , then PQ = 7 + 7 ' + 2A. Therefore we 
have another variation on the proof of Theorem 27. 

Exercise 33. Examine the “companions,” Eq. (81), in several numerical 
cases and verify that sometimes the 7 solutions of Eq. (78) choose their 
companions solely from the 7 ' solutions of Eq. (79), while sometimes some 
of the 7 companions of Eq. (78) are themselves from the set Eq. (78). 


20. The Prime Divisors of n 2 + a 

Now that we have completed the solution of the problem q\a Q =L 1 , 
we will lift our ban against Euler's Criterion and Definition 12. Henceforth, 


(a|<?) and are identical, will be designated the Legendre Symbol, and 
may be written in either notation. 

If q = 2Q + 1 is a prime which does not divide a, we now have at once 
that 


q\n + a 


for some n 


■<?)= 


+ 1, and 


q\n + a 


for any n , if (?) = —1. The symbol (?) we may evaluate by the rules 

of Eq. (77). When we are concerned, as we are here, with q\n 2 + a, Theorem 
27 is called the Quadratic Reciprocity Law. 

Exercise 34. Show that for any odd prime q = 24 k + 6, which is greater 
than 3, there is an n such that q\n 2 + a if b is one of those listed in the 
following table. If b is not so listed, in the row corresponding to a, there is 
no such n. 


a 

b 

+ 1 

1, 5, 13, 17 

+2 

1, 11, 17, 19 

-2 

1, 7, 17, 23 

+3 

1, 7, 13, 19 

-3 

1, 11, 13, 23 

+6 

1, 5, 7, 11 

-6 

1, 5, 19, 23 


Comment: In each of these seven cases “one-half” of the primes divide 
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the numbers of the form n 2 + a, since 0(24) = 8. (When we get to modulo 
multiplication groups, these seven sets of b will constitute the seven sub¬ 
groups of order four in the group modulo 24. Why the special role of b = 1? 
Because 1 is the identity element of the group.) 

Exercise 35. Prove the conjecture you made concerning the prime 
divisors of n 2 — 5 in Exercise 19. Or, if your conjecture was erroneous, dis¬ 
prove it. But if you haven’t done Exercise 19, don’t do it now. You already 
know too much. 

The reader no doubt asked himself, while reading Conjectures 11 and 
12, why there should be more primes of the form n — 2 than of the form 
n +1, and what the general situation would be for any form n 2 + a. 
With what he knows now the reader may begin, if he wishes, to partially 
formulate his own answer. In particular, from the table in Exercise 34, 
should there be (relatively) few primes of the form ri + 6, or (relatively) 
many? 


Definition 14. By P a (N ) is meant the number of primes of the form n 2 + a 
for 1 ^ n g N. If a is negative, and if for some n, n 2 + a is the negative 
of a prime, we will, nonetheless, count it as a prime. 

Now that we have the Legendre symbol we can define the constants 
in Conjectures 11 and 12, and state a general conjecture of which these 
two are special cases. 


Conjecture 12 t (Hardy-Littlewood). 

If a —m, 


Pa(N ) 


1 . [* dn 

~o ha 1 - 

2 J 2 log n 


where the constant h a is given by the infinite product 

K = n{l - (—a\w) - 1 | 

w ( W — 1J 


taken over all odd primes w. Here (—a\w) is the Legendre symbol . 


Example : 

From (— l|w) = (— 1) ( "~ 1>/2 we have 


Ai = (1 +I)(1 - i)d + *)(1 + *)(i - *)(i - A) ••• 


= 1.37281346 


and we thus obtain Eq. (37) for primes of the form n 2 + 1. 

But to evaluate such slowly convergent infinite products we will need 
many things which we have not yet developed—Mobius Inversion Formula, 
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Gauss Sums, and Dirichlet Series. We therefore postpone further considera¬ 
tion of this conjecture until Volume II. 

We offer, however, without further comment, a little table for the 
reader’s consideration. 


a 

Fo ( 1000 ) 

P o ( 10 , 000 ) 

P <,( 100 , 000 ) 

+7 

167 

1238 

9521 

-2 

157 

1153 

8888 

-5 

148 

1088 

8579 

-3 

120 

850 

6664 

+1 

112 

841 

6656 

+4 

125 

870 

6517 

+3 

109 

711 

5426 

-6 

91 

643 

5010 

-7 

68 

440 

3627 

+2 

68 

446 

3422 

- 1-6 

53 

444 

3420 

+5 

48 

339 

2567 

-4 

2 

2 

2 

-1 

1 

1 

1 

0 

0 

0 

0 





CHAPTER H 


THE UNDERLYING STRUCTURE 


21. The Residue Classes as an Invention 

In July 1801, Carl Friedrich Gauss of Braunschweig completed a book 
on number theory, written in Latin, and entitled Disquisitiones Arithme- 
ticae. He was then 24, and largely unknown. He had been writing this book 
for five years. Upon publication, it was at once recognized as a work of the 
highest order, and, from that time until his death many years later, Gauss 
was generally regarded as the world's leading mathematician. Since Gauss 
was the director of the astronomical observatory at Gottingen for 48 years, 
his death was recorded with appropriate accuracy: February 23, 1855 at 
1:05 a.m. 

We should make it clear that his early reputation stemmed equally (or 
perhaps principally) from quite a different source. On January 1, 1801, 
Giuseppe Piazzi had discovered a minor planet in the general vicinity 
predicted by Bode's Law. This planetoid was named Ceres, but, being 
only of 8th magnitude, it was lost 40 days later. From the data gathered 
during these 40 days, and with new methods of reducing these which he 
devised, Gauss managed to relocate the planet. And since celestial me¬ 
chanics was the big thing in mathematics at that time—say as topology 
is today this relocation too was regarded as a work of first magnitude. 
But if fads in mathematics change quickly, certain things do not. Of these 
two works of Gauss in 1801, his book is still of first magnitude, and Ceres 
is still of eighth. 

At that period, France was once again the leading center of mathematics 
with such luminaries as Lagrange, Laplace, Legendre, Fourier, Poncelet, 
Monge, etc., and consequently Gauss's book was first translated into 
French (1807). It is perhaps through this translation that the work of 
“Ch. Fr. Gauss (de Brunswick)" became known to the mathematical 
world. It is said that Dirichlet carried his copy with him wherever he 
went, that he even slept with the book under his pillow, and that many 
years later, when it was out of print, he regarded it as his most precious 
possession—even though it was completely in tatters by then. For ap¬ 
proximately $9.50 one may purchase a 1953 (Paris) reprint of this transla- 
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tion, with an unsubstantial cover, and with pages so well oxidized that it 
may well attain this “Dirichlet Condition'' even if it encounters a more 
casual reader. There also exists a German translation((1889), but, at this 
writing, the book is still not available in English. 

We ask now, what was in it; and why did it make such a splash? Well, 
many new things were in it—Gauss's proof of the Reciprocity Law, his 
extensive theory of binary quadratic forms, a complete treatment of 
primitive roots, indices, etc. Finally it included his most astonishing dis¬ 
covery, that a regular polygon of F m = 2+ 1 sides can be inscribed in 
a circle with a ruler and compass—provided F m is a prime. 

But the most immediate thing found in Gauss's book was not one of 
these new things; it was a new way of looking at the old things. By this 
new way we mean the residue classes . Gauss begins on page 1 as follows: 

“If a number A divides the difference of two numbers B and C, B and C 
are called congruent with respect to A , and if not, incongruent . A is called 
the modulus ; each of the numbers B and C are residues of each other in the 
first case, and non-residues in the second." 

Does it seem strange that Gauss should write a whole book about the 
implications of 

A\B — C ? (83) 

It surely is not clear a priori why Eq. (83) should be worthy of such pro¬ 
tracted attention. In fact, these opening sentences are completely un¬ 
motivated, and hardly understandable, except in the historical light of the 
previous chapter. But in that light, the time was ripe—and even overripe— 
for such an investigation. We will review four aspects of 1(he situation then 
existing. 

(a) First, it will not have escaped the reader that we were practically 
surrounded by special instances of (83) in the previous chapter. Thus 
Fermat’s Theorem 13j reads: 

- 1 , 

and his Theorem 11: 

q\2 p - 1 2p\q - 1 , 

can go it one better by having both hypothesis and conclusion in that 
form. So likewise Euler’s Criterion: 

q\N 2 — a q\a Q — 1, 

and his Theorem 19: 

<$? — 1 —> 8|5 — 1 or 8\q — ( —1). 
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Could so much formal similarity be fortuitous? And if not, what could be 
its significance? 

Where^ we first came upon such expressions we know well enough—if 
iV = 2 W 1 F is to be perfect, the sum of divisors 1 + 2 + • • • + 2 n ~~ 1 — 
2 W - 1 must be a divisor of N, and must also be a prime. But 23|2 n - 1 , 
and therefore Mn was not a prime, etc. It is another question, however, if 
we ask why the expressions A\B - C should be so persistent. 

We should make it clear, at this point, that though we have followed one 
path in the previous chapter, that starting from the perfect numbers, much 
other ground had been gone over by this time. In particular, consider 
Gauss. Gauss could compute as soon as he could talk—in fact, he jokingly 
claimed he could compute even earlier. He rediscovered many of the 
theorems given in the previous chapter before he had even heard of Fermat, 
Euler or Lagrange. It is clear that no computing child could reinvent 
anything as esoteric as the perfect numbers, and therefore Gauss could 
not have followed the path which we have sketched. To the Greeks a 
divisor of a number, other than itself, was a “part” of the number; and 
for a perfect number, the whole was equal to the sum of its parts. Such a 
Greek near-pun could well engage the classicists of the Renaissance, but 
would not be likely to occur to a self-taught Wunderkind. 

What was available to Gauss was such material as 


\ = .142857142857142857 • • • 

and ts = .076923076923076923 • • • . 

Now if i is a periodic decimal with a period 6 , then since 1 = 0.999999 • • , 
it means that 7|999999, or 


7|l0 6 - 1 . 

Likewise for any prime p, not equal to 2 or 5 , we find 

pIio* -1 - 1. 

Therefore, say, 


13|10 12 - 1. 

But we have just seen that ts also has a period of 6 , so that 

13|10 6 - 1. 

From the foregoing theory we know that 

p|l 0 (p-1)/2 — 1 means ( 10 |p) = +1 

and that 


(10|13) = (-3|13), = (3113)** = (13|3). = +l Pa . 
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It is clear, however, that whether Fermat and Euler were interested in 
perfect numbers—and 23|2 n — 1; or Gauss was interested in periodic 
decimals—and 13|l0 6 — 1, the basic underlying theorems are identical, 
and A\B — C arises in either case. 

(b) There is another case of persistence in the previous chapter. On 
pages 24, 27, 35, etc., we are saying, repeatedly, “for some integer, Q, L, 
K , Kz” etc., and that seems almost paradoxical at first. Isn’t number theory 
an exact science—don’t we care what Q, L , etc., are equal to? The answer 
is, generally,* no. If we are interested in A\B this implies some integer X 
such that B = AX , but which integer is quite irrelevant. 

It is instructive to examine the additive analogue of divisibility, A < B. 
This implies a positive X such that B = A + X, but which X is again 
irrelevant. If this were not the case, Analysis would be quite impossible. 
It is difficult enough to show that a certain quantity is less than epsilon— 
it would be totally unfeasible if we always had to tell how much less. The 
analyst embodies this ambiguity in X by working with classes of numbers, 
— e < X < e, and any X in the class will do. Likewise in divisibility theory 
we should consider the advantages of working with classes of numbers, 
which would embody the ambiguity presently in question. 

A variation on this theme concerns the algebra of such ambiguity. On 
page 27 we square one ambiguous equation, 2 = N 2 — Kq , to obtain a 
second, 2 2 = A 4 — K 2 q . On page 36 we substitute the ambiguous N = 
sq + a r into q\N 2 — a to obtain q\a? — a. Such persistent, redundant, and 
rather clumsy algebra virtually demands a new notation and a new algebra. 

(c) Again, consider the arithmetic of page 26: 

167|2 83 - 1, 

or the seemingly impossible operation, 

32070004559|2 16035002279 - 1, 

of Exercise 7. The first seems a little long and the second virtually im¬ 
possible—but only because the dividend, and therefore the quotient is so 
large. But we said that in questions of divisibility the quotient is irrelevant , 
that only the remainder is of importance. Thus, if 

b = qa + r, 

divisibility depends only on r. And r is less than a. And a, even in the 
second case, is not too large to handle. What we want, then, is an arithmetic 
of remainders. 


An important exception will be discussed in Sect. 25. 
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(d) A final, and most important point. Fermat’s Theorem quickly let 
its power be seen. Thus 

/» = 6 « ci 9 = 128 

was most impressive. Similarly Euclid’s Theorem 5 and its immediate 
consequence Theorem 6 have, by their constant use, become quite in¬ 
dispensable. Yet can we say, at this point, that we can see clearly the 
source of this power and this indispensability? There is suggested here the 
existence of a deeper, underlying structure, the investigation of which 
deserves our attention. 

We want then, in (b), an algebra of ambiguity; in (c), an arithmetic of 
remainders; and in (d), an interpretation in terms of an underlying struc¬ 
ture. It is the merit of the residue classes that they answer all three of these 
demands. 

We could, it is true, have introduced them earlier—and saved a line here 
and there in the proofs. But History did not introduce them earlier. Nor 
would it be in keeping with our title, “Solved and Unsolved Problems,” 
for us to do so. To have a solved problem, there must first be a problem, 
and then a solution. We could not expect the reader to appreciate the 
solution if he did not already appreciate the problem. Moreover, if we have 
gone on at some length before raising the curtain (and perhaps given undue 
attention to lighting and orchestration) it is because we thought it a matter 
of some importance to analyze those considerations which may have led 
Gauss to invent the residue classes. Knowing what we do of Gauss’s great 
skill with numbers, and while we can not say for certain, the consideration 
most likely to have been the immediate cause of the invention would seem 
to be item (c) above. 

Exercise 36. Using the results of Exercise 35 and of Exercise 18, deter¬ 
mine the odd primes p = 2P + 1 ^ 5 such that 1/p has a decimal expan¬ 
sion which repeats every P digits. The period of some of these primes may 
be less. Thus = .027027 • ■ • does repeat every 18 digits, but its period 
is 3. 

22. The Residue Classes as a Tool 

Definition 15. If a, b, and c are integers, with a > 0, and such that 

a|5 - c, (84) 

we may write, equivalently, 

b = c (mod a), (85) 

and the latter is read “b is congruent to c modulo a.” We may also say “b is 
a residue of c modulo a.” Conversely, given Eq. (85), we may write Eq. 
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(84). If b is not congruent to c modulo a , we write 

b ^ c (mod a). 


If 


then 


b — qa + r, 

b = r (mod a) 


( 86 ) 

(87) 


independently of the value of q. As q takes on all integral values, • • • , —2, 
— 1, 0, 1, 2, • • • , each such b is congruent to r, and all such b form a class 
of numbers which we call a residue class, a is called the modulus. 


Examples : 

2 11 = 1 (mod 23). 

2 29 = —1 (mod 59). 

(Fermat’s Theorem) 

a 7^ 0 (mod p) —> a 1 * -1 1 (mod p). 

(Euler’s Criterion) 

N 2 = a (modp) <-> a (p_1)/2 = 1 (modp). 


For any a > 0, and any 6 we can always write Eq. (87) with 0 g r < a. 
Corresponding to a modulus a, there are therefore a distinct residue classes, 
and the integers 0 , 1 , 2 , • • • , a — 1 belong to these distinct classes, and 
may be used as names for these classes. Thus we may say 35 belongs to 
residue class 3 modulo 16. 

“Congruent to” is an equivalence relation , in that all three characteristics 
of such a relation are satisfied. Specifically: 

Reflexive. For all 5, (88a) 


b ss b (mod a). 


Symmetric. 

b = c (mod a) implies c = b (mod a). 


(885) 


Transitive. (88c) 

b = c (mod a) and c s= d (mod a) 
implies b = d (mod a). 

All the numbers in a residue class are therefore congruent to each other 
(mod a). 

The utility of residue classes comes from the fact that this equivalence 
is preserved under addition, subtraction and multiplication. Thus we have 

Theorem 28. Letf(a , b, c, * • • )be a polynomial in r variables with integer 
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coefficients. That is, f is a sum of a finite number of terms, na%^ • • * , each 
being a multiple of a product of powers of the variables. Here n is an integer 
and a, 0, • • • are nonnegative integers. If a l , &i, Cj , * • • are integers, and if 

Ni =f(a l ,b 1 ,c l , ••• ), (89) 

and if 

a i = 02 , h = b 2 y ci = c 2 , • • • (mod ilf) (90) 

then 

N 2 = /(o 2 , b 2 , C 2 , • • • ) S3 iVi (mod M). (91) 

Proof. The reader may easily verify that if Eq. (90) is true, then so are 
ai + bi = a 2 + b 2 (mod M), 

di — h = 02 — b 2 (mod M), (92) 

aj)i = avb 2 (modM). 

By induction, it is clear that any finite number of these three operations 
may be compounded without changing the residue class, and since any 
polynomial, Eq. (89), may be thus constructed, the theorem is true. 

Corollary. If f(a) is a polynomial in one variable, then 

a = a' (mod M) implies /(a) = /(a') (mod M). 

This simple theorem allows us to use the residue classes as a tool for 
those arithmetic and algebraic problems which we discussed on page 54. 
Consider some simple examples. 

(a) To verify that 7|10 6 — 1, we may write 

10 6 e= 3 6 (mod 7) 

since 10 = 3. But 

3 2 = 2 and thus 10 6 = 3 6 = 2 3 = 1 (mod 7). 

Therefore 

7 J 10 6 - 1 . 

(h) To determine if 167 divides Mm , we may proceed as follows: 

2 s = 256 = 89 (mod 167) 

2 16 s 89 2 = 7921 = 72 (mod 167) 

••• 2 32 b 72 2 = 5184 = 7 (mod 167) 

2 64 = 49, and 2 67 = 49-8 = 58 (mod 167) 

••• 2 83 = 2 67 -2 16 = 58-72 a 4176 - 1 (mod 167) 

167|2 83 - l. 
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The advantage of the congruence notation is clear. What we really want to 
know here is whether 2 83 and 1 are in the same residue class, and in our 
computation of 2 83 we continually reduce the partial results to smaller 
members of the residue class, thus keeping the numbers from becoming 
unduly large. 

(c) Aside from advantages in the computation of results, there is also 
an advantage in their presentation . Thus to show that 64112 32 + 1, the 
presentation 

6700417 
64114294967297 

lacks the property of being easily checked mentally. But consider 
640 = 5-128 = 5-2 7 = -1 (mod 641). 

5 4 '2 28 = 1 (mod 641). 

But 5 4 = 625 s -16 - -2 4 (mod 641). 

/. — 2 32 = 1 (mod 641) 
or 2 32 + 1 0 (mod 641). 

Here the arithmetic is easily verified mentally. 

(d) The proofs of some of the theorems in the previous chapter could 
have been written more compactly in the new notation. For example, on 
page 27, if q\N 2 — 2, then 

N 2 = 2 (mod q) 


and directly we may write 

2 q ^ N 2Q = 1 (mod q). 

Thus by setting up an algebra of ambiguity (page 55) we have simul¬ 
taneously rid ourselves of the “some integer K” (page 27) which is 
clearly redundant and merely extends the computation. 

But to complete our algebraic tools we need division also, and for this we 
have 

Theorem 29 (Cancellation Law). If be = bd{mod a) and ( b, a) = 1 then 
c = d(mod a). 

This is only a restatement of Theorem 6 in the new notation. We will 
reprove it using this notation. 

Proof. If (5, a) — 1, from Eq. (7), page 9, we have 

nb = 1 (mod a). 


(93) 
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Therefore if 

be = bd, nbc = nbd, or c = d (mod a). 

Equation (93) is the key to our next topic, the Residue Classes as a 
Group. 

Exercise 37. Prove Theorem 22, page 35, and Theorem 21i, page 35, in 
the congruence notation. 

Exercise 38. Verify that 

1823|il/9ii. 


23. The Residue Classes as a Group 

In the previous sections the integers were the sole objects of our atten¬ 
tion, and, as long as we considered the residue classes merely as a tool, 
this remained the case. We now consider a system of residue classes as a 
mathematical object in its own right, and, in particular, we study the 
multiplicative relationships among these classes. 

For a modulus m there are m residue classes, which we designate 0,1, • • • , 
m — 1, the ath class being that which contains the integer a. The system 
of these m classes is therefore not infinite, like the integers, but is a finite 
system with m elements. By the product of two classes a and b we mean the 
class of all products dibi where 


(i\ = a and b x = b (mod m). 

By Eq. (92) all these products lie in a residue class, say c, and we write 

ab s= c (mod m). 

For example, for m — 7, we have the following multiplication table: 


\b 

a 

0 

1 

2 

3 

4 

5 

6 

0 

0 

0 

0 

0 

0 

0 

0 

1 

0 

1 

2 

3 

4 

5 

6 

2 

0 

2 

4 

6 

1 

3 

5 

3 

0 

3 

6 

2 

5 

1 

4 

4 

0 

4 

1 

5 

2 

6 

3 

5 

0 

5 

3 

1 

6 

4 

2 

6 

0 

6 

5 

4 

3 

2 

1 


ab = c (mod 7). 
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If (a, m) = 1 and a = cn (mod m), we have (ai, m) = 1. Thus we 
may say that the residue class a is prime to m. Now if ( a , m) = 1 we have 
an af and m f such that 

a'a + m'm = 1 (94) 

and conversely. Therefore 

a'a = 1 (mod m). (95) 

Definition 16. We may call the a and a in Eq. (95) the reciprocals of 
each other modulo m, and write 

aT 1 = a' (mod m). (96) 

We may therefore characterize the <l>(m) residue classes prime to m as 
those which possess reciprocals. If (a, m) = (6, m) = 1, then so 
is (ab, m) = 1, by Theorem 5, Corollary. In fact, since 

cT 1 ab~ l b = 1 (mod m), 

we have explicitly 

(ab)^ s a~ l b~ l (mod m). (97) 

We will have occasion, say in Eqs. (103a) and (104a) on page 66, and 
in Eq. (136) on page 100, to calculate the reciprocal of a modulo m. This 
we do by obtaining Eq. (94) from Euclid's Algorithm as on page 9. 
Equivalently, one may utilize the continued fraction (12) on page 12 
with the term l/q n omitted. This fraction we evaluate by the method on 
page 183 below. The denominator so obtained, or its negative, is the 
reciprocal of a modulo b. This follows from the analogue of Eq. (271), 

Definition 17. A group is a set of elements upon which there is defined 
a binary operation called multiplication which 

(A) is closed , that is, if 

c = ah, 

then c is in the group if a and b are; and 

(B) is associative, that is, 

( ab)c = a(bc) 

for every a, b and c. 

Further, 

(C) the group possesses an identity element (write it 1) 
such that 

la = a 

for every a; and also 

(D) it possesses inverse elements (write these aT 1 ) such 
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that 

a^a = 1 

for every a. 

Thus the residue classes prime to m form a group under the binary 
operation multiplication modulo m. The postulates (B) and (C) are 
trivially true, while closure (A), from Eq. (97), and inverses (D), from 
Eq. (96), both stem from Eq. (94), that is, from Euclid’s Theorem 5. 

Definition 18. If the operation in a group is commutative, that is, if 

ah = ha 

for each a and 6, the group is called Abelian. If the number of elements in 
a group is finite, the group is finite, and the order of the group is the number 
of elements. 

Definition 19. The group of <t>(m) residue classes prime to m, under 
multiplication modulo m, we call a modulo multiplication group , and we 
write it . It is a finite, Abelian group of order <t>(m ). 

The theory of finite groups is a large subject, into which we shall scarcely 
enter. We shall confine ourselves primarily to 2f Xl m . Nonetheless, there is a 
value here in introducing the more abstract Definition 17, and that lies 
in the economy of this definition. In any theorem, say for , which we 
deduce from these four postulates, we have a certain assurance that re¬ 
dundancies and irrelevancies have not entered into the proof. Pontrjagin 
puts it this way: 

“The theory of abstract groups investigates an algebraic operation in 
its purest aspect.” 

Several of our foregoing theorems have a simple group-theoretic in¬ 
terpretation. We will illustrate them using the multiplication table for 3fll 7 . 


1 

2 

3 

4 

5 

6 

2 

4 

6 

1 

3 

5 

3 

6 

2 

5 

1 

4 

4 

1 

1 _ 

5 

2 

6 

3 

5 

3 

1 

_ 

6 

4 

2 

6 

5 

4 

3 

2 

1 


(Note that the row and column headings are omitted, since the first row 
and column also serve this purpose.) 
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Theorem 17 says that if 

aai = Vi (mod 7) 

the are a permutation of the —that is, each row in the table contains 
every element. But this is true for every finite group. 

Again, Theorem 22 says that 

xai = a (mod 7) 

has a unique solution—that is, each column in the table contains every 
element. Again, this is true for every finite group. 

Since in an Abelian group the rows and columns are identical, we now 
realize that Theorem 22 is essentially a restatement of Theorem 17. We 
have seen previously that Fermat’s Theorem 13 may be deduced either 
from Euler’s Theorem 14, or from Euler’s Theorem 21 1 , and we now note 
that the corresponding underlying Theorems 17 and 22 are also equivalent. 
Euler’s Theorem 14 says that (a, 7) = 1 implies 

a 6 1 (mod 7). 

Again, for every group of order n, a n = 1 is valid for every element a. 
In fact, the whole subject of finite group theory may be thought of as a 
generalization of the theory of the roots of unity. It is not surprising, then, 
that Fermat’s Theorem plays such a leading role, seeing, as we now do, 
that it merely expresses the basic nature of any finite group. 

The three theorems just discussed hold for 9(TC m whether m is a prime or 
not. But Euler’s Criterion does not generalize so simply. This criterion 
states that 

a Hv) i 2 = 1 (mod p) <-> n 2 = a (mod p). (98) 

But consider m — 8 and m = 10. In both cases %<t>(m) — 2. Now for the 

modulus m — 10, the implication (98) still holds. But for m = 8, we have 

3 2 = 1 (mod 8) 

while 

n = 3 (mod 8) 

has no solution. This is a difference which we shall investigate. It is as¬ 
sociated with a particular characterization of the groups for every m 
which is prime, and for some m which are composite; namely, that these 
groups have a property which we shall call cyclic . 

Exercise 39. Write out the multiplication tables for 3Tl 9 and 9fHi 4 . (If 
you use the commutative law, and the generalized Theorems 17 and 22 
mentioned above, you will save some arithmetic.) 
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Exercise 40. If (a, m) = 1, show that 

a” 1 = a* (m)_1 (mod m). (99) 

Further, if (a, m) — g } a = ag, and m = ju g, 
then a! = a* (M)_1 

and m' = (1 - </ (m) )//x 

are integers that satisfy 

a'a + m'm — g. 

24. Quadratic Residues 

Definition 20. Any residue class lying on the principal diagonal of the 
multiplication table is called a quadratic residue of m. That is, a is a 
quadratic residue of m if 

x = a (mod m) 

has a solution x which is prime to m. If (a, m) = 1, and a is not a quadratic 
residue of m it is called a quadratic nonresidue . When the meaning is clear, 
we will sometimes merely say residue and nonresidue. 


Examples: From 


1 

CO 

5 

7 

3 

1 

7 

5 

5 

7 

1 

3 

7 

5 

3 

1 


1 

3 

7 

9 

CO 

9 

1 

7 

7 

1 

9 

3 

9 

7 

3 

1 


(mod 10) 


we see that 8 has 1 as its only quadratic residue, while 10 has both 1 and 9. 
From the table on page 61, 7 has 1, 2, and 4 as quadratic residues. 

From Definition 12, page 33, it is clear that if p|a, a is a quadratic 


residue of p, or is not, according as j = +1 or —1. Or, we may say, 

(p) = * or * accor ding as a is or is not a square modulo p. 

Theorem 30. Every prime p = 2P + 1 has exactly P quadratic residues , 
and therefore also , P quadratic nonresidues. 

Proof. In the proof of Euler’s Criterion on page 36 we showed that if 

= +1 there are exactly two incongruent solutions of x = a (mod p). 
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Since each of the 2 P classes 1, 2, • • • ,2 P has a square, there are exactly 
P distinct squares. 

Definition 21 . If = +1 we write \4 (mod p) for either solution of 

— a (mod p ). For a = 0, \/0 — 0. For = *—1, y/a does not exist 
modulo p. 


Exercise 41. For every modulus m, the product of two residues is a 
residue, and the product of a residue and a nonresidue is a nonresidue. 
For every prime m and for some composite m, the product of two non¬ 
residues is a residue, while for other composite m, the product of two 
nonresidues may be a nonresidue. 


Exercise 42. Theorem 30 may be generalized to read that the number 
of residues is \<j>{m) for some composite m, but not for others. 

Exercise 43. For which primes p — 24k + b does 9 Wl p contain \/— 1, 
a/ 2, or \/3 ? Examine all eight possible combinations of the existence 
and the nonexistence of these square roots. 


25. Is the Quadratic Reciprocity Law a Deep Theorem? 

We interrupt the main argument to discuss a question raised on page 
46. The Quadratic Reciprocity Law states that for any two distinct primes, 
V = 2 P + 1 and q — 2Q + 1, p and q are both quadratic residues of each 
other, or neither is, unless PQ is odd. In that case, exactly one of the primes 
is a quadratic residue of the other. The theorem follows at once from 
Theorem 27 with the use of Definition 20 and Euler’s Criterion. 

The Quadratic Reciprocity Law is often refered to as a “deep” theorem. 
We confess that although this term “deep theorem” is much used in books 
on number theory, we have never seen an exact definition. In a qualitative 
way we think of a deep theorem as one whose proof requires a great deal 
of work—it may be long, or complicated, or difficult, or it may appear to 
involve branches of mathematics the relevance of which is not at all ap¬ 
parent. When the Reciprocity Law was first discovered, it would have 
been accurate to call it a deep theorem. But is it still? 

Legendre’s Reciprocity Law (so named by him), involves neither the 
concept of quadratic residues, nor the use of Euler’s Criterion, as we have 
seen. With the simple proof given on page 45, we would not consider it a 
deep theorem. 

Now divisibility questions of the form 

q\N 2 - a 
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are clearly somewhat more involved than those of the form 

q\a Q - 1, 

since a Q — 1 is a specific number, while in N 2 — a, N is unspecified and 
may range over 2 Q possibilities. Therefore it is not surprising that the 
Quadratic Reciprocity Law lies a little deeper than does Legendre’s Re¬ 
ciprocity Law. 

But even in the best of Gauss’s many proofs, the theorem still seemed 
far from simple. It is of some interest to analyze the reasons for this. 

(a) In his simplest proof, the third, Gauss starts with the “Gauss 
Lemma,” (Exercise 30). From this, and a page or so of computation, he 
derives another formula. If a is odd: 

(j) = (-1)" (p = 2P + 1) 

where 

(ioo) 

Here [ ] is the greatest integer function, defined on page 14. Now it ap¬ 
pears that with Eq. (100) Gauss has already dug deeper than need be. What 
we need is the parity of the sum, y + y', (page 46). The individual ex¬ 
ponent, M y is not needed, and, if it is obtained nonetheless, it is clear that 
this is not without some extra effort. 

(b) Gauss then proceeds to prove that 

§[?]+£ [7] = ^ <““> 

by the use of various properties of the [ ] function. Here we see irrele- 
vancies. What has the [ ] function to do with the Quadratic Reciprocity 
Law? Later Eisenstein simplified the proof of Eq. (101), but only by bring¬ 
ing in still another foreign concept—that of a geometric lattice of points. 
This is all very nice theory—but it all takes time. 

(c) Finally there is a point which we may call “abuse of the congruence 
symbol.” We have shown many uses of the notation, = (mod p). But 
this symbol may also be misused. Suppose we write Eq. (78) as follows: 

qa = r (mod p), (102) 

and inquire as to the number of odd a’s for which r is even. There are three 
things wrong with such an approach. 
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(1) We are interested not in one group , but in the interrelation 
between two groups 9fTC p and Stflg, and, for this, the congruence notation is 
not helpful. 

(2) There are no “even” and “odd” residue classes. If a is even, then 
a + p = a is odd. 

(3) Most important is the following. The concept “congruent to” is 
of value when, (as on page 54), we don't care what the quotient is. But 
inEq. (78), 

qa = pa' + r, 

the quotient a', for the divisor p, is also a coefficient of p in evaluating 
( p\q ). And the quotient a is a coefficient of q for ( q\p ). This is precisely 
where the reciprocity lies, and, if we throw it away, as in Eq. (102), we 
must work the harder to recover it. 

Exercise 44. Evaluate (13|l7) by Eq. (100). Compare page 44. 

26. Con gruential Equations with a Prime Modulus 

In Sects. 23 and 24 we developed reciprocals and square roots modulo m. 
With these we may easily solve the general linear and quadratic con- 
gruential equations for a prime modulus. These are 

ax + b = 0 (mod p) (p|a) (103) 

and 

ax 2 + bx + c = 0 (mod p) ( p\a ;). (104) 

The reader may easily verify that the solutions are the same as those given 
in ordinary algebra, that is, 

x = —a~ l b (mod p) (103a) 

and 

x E5 (2a) _1 (— b =b \/b4ac) (mod p). (104a) 

Therefore, “as” in ordinary algebra, Eq. (103) has precisely one solution, 
while Eq. (104) has 2, 1, or 0 solutions depending on whether 
(6 2 — 4ac|p) = +1, 0, or —1. 

Examples : 

(a) 3x + 2 = 0 (mod 7). 

Since 3” 1 = 5, x = —10 = 4 (mod 7). 

(b) 3x 2 + 4x + 1 = 0 (mod 7). 

Since b 2 — 4ac = 4 is a quadratic residue of 7, with square roots 2 and 5, 
we have x = 6 -1 ( —4 db 2) = 6 or 2 (mod 7). 

(c) 2x 2 + 3z + 2 = 0 (mod 7). 

Since 9 — 16 = 0 (mod 7) there is only one solution, namely 1 (mod 7). 
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The algebra here is so much like ordinary algebra because the residue 
classes modulo a prime form a field, just as the real or rational or complex 
numbers form a field. Thus, just as group theory applies to so does 
field theory apply here. An important theorem in field theory states that 
an nth degree polynomial can have at most n roots. 

Theorem 31. At most n residue classes satisfy the equation: 

f{x) = a n x n + a n ~ix n ~ 1 + • ■ • + a 0 = 0 ( mod p) (105) 

with a„ ^ 0 (mod p) * 

Proof. Let Eq. (105) have n roots, x x , x 2 , ■ ■ • , x n . Dividing f(x) by 
x — x\ we obtain f(x) = ffx) (x — xf) + ci . But since p\f(xi) we find 
pfi . Therefore 

/(*) = fi(x)(x — xi) + kp. 

Repeating this operation with fx(x), then ffix), etc., we obtain 

f(x) = a n ix - Xi)ix — Xi) ■■■ ix - x n ) + pgix) 

for some polynomial g(x). Now if there were an n + 1st root x n+1 , not 
congruent to one of the others, we would have 

d /(•£«■+1) = (in(%n +1 Xi) (x n +i X 2 ) * * * (x W 4l — Xn) (mod p ) 

Therefore, by Theorem 6, Corollary, a n s 0 (mod /?), contradicting the 
hypothesis. 

We will use this theorem later when we investigate primitive roots. 
We could have used it earlier, together with Fermat's Theorem, to prove 
Euler's Criterion. 

^If N s a (mod q), then N 2Q = a Q (mod q) and, by Fermat's Theorem, 
a ° — 1 (mod q). The converse is the more difficult. But from Theorem 30 
there are Q quadratic residues. Therefore, from what we have just shown, 
there are Q solutions of a Q - 1 = 0 (mod q). But by Theorem 31, there 
can be no other solutions. Therefore a Q = 1 (mod q) implies N 2 = a (mod 
«)• 

If p is not a prime, in Theorem 31, there may be a greater number of 
solutions. (Where does the proof break down?) Thus 

x == 1 (mod 24) 

has 8 solutions, and so does 

x ^ x (mod 30). 

The equation x = x (mod m) is particularly interesting, because in any 

* Since x* = x, x^ 1 = x 2 , etc., for every x (mod p), any polynomial of order higher 
than p - 1 may be reduced to one of order not higher than p - 1. 
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field the two roots, 0 and 1, are the identities for addition and multiplica¬ 
tion respectively. If m is divisible by more than one prime, we shall see that 

x = x (mod m) (106) 

has more than 2 solutions, and that each one may serve as an identity 
element in a multiplicative group. Thus 

x = x (mod 10) 

has 4 solutions 0, 1,5, and 6. In addition to the set 9TC™ , of elements 1, 3, 7, 
and 9, which form a group with 1 as the identity, so likewise 2, 4, 6, and 
8 form a group modulo 10 with 6 as the identity, and 0 and 5 form groups 
of one element each, by themselves. 

Exercise 45. Show that 

2x + 5x + 5 =s 0 (mod 7) 

has no solution. 

Exercise 46. Find the 8 solutions of 

x = x (mod 30) 

and show that corresponding to each solution there is a multiplicative 
group of residue classes, modulo 30, with that solution as the identity. 

Exercise 47. Just as in Exercise 40, Eq. (99), we have an explicit 
formula for a reciprocal, a~ l modulo m, so, for some prime moduli, we 

have an explicit formula for a square root. Show that if p = 4 m + 3, 

and (a\p) = +1, then y/a = a m+1 (mod p). In particular 

4* +1 s \/2 (mod 8k + 7). 

Also show 

a k + dT k = \/2 (mod 8k + 1) 

where a is any quadratic nonresidue of the prime 8k + 1. Thus we may 
compute %/2 explicitly for all the prime moduli for which it exists. 

27. Euler’s <t> Function 

On page 62 we noted that while certain theorems for , with m 
a prime, could be extended to all 37l m , or even to all finite groups; others, 
such as Euler’s Criterion, could be extended to for some composite 
m, (say m = 9, 10), but not for others, (say m — 8, 12). In Exercises 
41 and 42 there were closely related extensions, again valid only for some 
composite m. Likewise, back in Exercise 25 there was such an extension. 
We are concerned now with the underlying structural reasons for these 
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differences. For this analysis we will want a better knowledge of Euler’s 

<j> function. 

Our first result is 

Theorem 32 (Euler). If 

N = pVp ? • • • pl n , (107) 

then 

..(!-!). (108) 

In the proof of Eq. (108) the main work is done (and constructively) by 
Theorem 33 . If A > 0, B > 0, and (A, B) = 1, the AB numbers 

m = Ab + Ba 

with a ~ 0, 1, • • • , A — 1, and fe = 0, 1, •••,£ — 1, belong to distinct 
residue classes modulo AB. Further, if in m, the a’s are confined to the <t>(A) 
numbers prime to A, and the Us to the <h{B) numbers prime to B, then the 
corresponding 4>(A)(j)(B) numbers m are all prime to AB. 

Proof. If 


Abi + Bai = Ab 2 + Ba 2 (mod AB) 

then Abi = Ab 2 (mod B) and Ba x s= Ba 2 (mod A). But since (A, B) — V 
by Theorem 29, bi = b 2 (mod B) and a x = a 2 (mod A). Furthermore’ 

M = Afi + Ba = Afi (mod B). 

Since (A, B) = 1, and if (0, B) = 1, we have y prime to B. Likewise 
if (a, A) = 1, /x is prime to A. Therefore if (a, A) = (0, B) = 1, /x is 
prime to AB. 

Corollary. If A > 0, B > 0, and (A, B) = 1, then 

4>(AB) - <l>(A)<t>(B). (109) 

Proof. The <t>(A)<t>(B) numbers /u just indicated are prime to AB, and 
not congruent modulo AB. Furthermore, each such i± is congruent to 
exactly one integer satisfying 0 < x < AB. No other of the AB numbers 
m = Ab + Ba are prime to AB, for if {a, A) ^ 1, then m is not prime to 
A, nor therefore to AB. Similarly for b and B. This proves Eq. (109). 

Proof of Theorem 32. If N x = p\ l , the numbers g Ni and not prime 
to iVj are the multiples of p x ^ N\ . Since there are pT 1 of these, we have 

(l - I) , 

and by applying Eq. (109) n — 1 times we obtain Eq. (108). 
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Another important result concerning 4>(N) is 

Theorem 34 (Gauss). If N > 0, 

Z<t>(d)=N, (110) 

d 

where the sum on the left is taken over all positive divisors d of N. 

Example: N = 341 has four positive divisors, 1, 11, 31, and 341. 

0( 1) + 0( 11) + 0(31) + 0(341) = 1 + 10 + 30 + 300 = A. 
Proof. Consider the equation 

(x,N)=^ (111) 

where d is a positive divisor of N and x can be 1,2, ■ • • , N. Any solution 

N N 

x of Eq. (Ill) must be a multiple of — ,x = k ~, where 1 ^ k ^ d. Further 
any such x will be a solution if and only if (k y d) = 1, since mk + nd = 1 

and conversely. There are therefore 0(d) solu¬ 
tions. Since every l^a:^ satisfies anEq. (Ill) for one and only one d, 
we obtain Eq. (110). 

Theorems 32 and 34 could lead us off in several directions. Thus 

(a) From Theorem 32, Euler proved Euclid’s Theorem 8 as follows. If 

M = 2-3-5 ••• p n 

and if there were no primes <M other than 2, 3, - * * , p n we would have 

♦(*> i) 

On the other hand, we now have an upper bound: 

t r(M) ^ 0(M) + n. 

As n —■» oo, we see that 

decreases monotonically and, if we are investigating 7 r(N) we are led to 
the question of estimating the right side of Eq. (112). 

(b) Perhaps it was such a consideration which led Euler to his famous 
identity: 


implies m 


4 


, AT N 

+ nN = -j- 
d 


±l = n(i-t ) _1 (*>D 

P \ v ) 


( 113 ) 
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wherein the infinite product on the right is taken over all primes. This 
identity, in the hands of Riemann and others, led eventually to a proof of 
Theorem 9. If $ = 1, the harmonic series on the left, 1 + J + | + • • • , 
diverges. If there were only a finite number of primes, the product on the 
right would remain finite and yet equal to the series on the left. This con¬ 
tradiction gives another proof of Theorem 8. Again, if $ = 2, we have 


oo 1 

Ev 

»=i n 2 



so that if Theorem 8 were false we would have x 2 equal to a rational num¬ 
ber. This is known to be false, and if this latter does not already assume 
Theorem 8, we have still another proof. 

(c) Equation (108) also leads to mean value theorems for <t>(N) and 
<t>(N)/N as N —> oo, and to an interesting relationship between 4>(N) 
and <t(N ), the sum of the positive divisors of N. 

(d) Theorems 32 and 34 have a relationship, via the so-called Mobius 
Inversion Formula , which has an important generalization. 

But we shall follow none of these diverging leads at this time. What is 
now in order is a deduction of primitive roots using Theorem 34. 

Exercise 48. Since (a, N) = 1 implies ( N — a. N) = 1 , 6(N) is even 
if N > 2. 


Exercise 49. Verify Theorem 34 for N = 561. 

Exercise 50. Verify Theorem 34 for N = 30. What is the relationship 
between this partition of 30 and that of Exercise 46? Hint: Compare the 
proof of Theorem 34 with the membership in the eight groups. 

Exercise 51. Find several multiplicative groups modulo 561 other 
than 9fH 56 i. 


28. Primitive Roots with a Prime Modulus 
For every a prime to m 

a <P(m) ^ j (mod m), 

but for some a, a smaller exponent, s, may suffice for 

a 8 = 1 (mod m) 

to be satisfied. Thus for any quadratic residue of m, (if m > 2) we have 

a*> (m)/2 = 1 (mod m). 

Definition 22. If (a, m) = 1 and e is the smallest positive exponent such 
that 

a 1 (mod m) 

we say a is of order e modulo m. 


( 114 ) 
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Example : If a = 10 and m is a prime 2 or 5, then the order e is also 
the period of the periodic decimal 1/m. Thus 10 is of order 3 modulo 37, 
as on page 55. (It is probable that this definition, and Definition 23, 
Theorem 35, and Theorem 36 which follow, all stem from Gauss’s early 
studies in periodic decimals mentioned on page 53. See Exercise 8S on 
page 203 for a plausible reconstruction of Gauss’s line of thought.) 

Theorem 35. If (a, m) = 1, and a is of order e, then if 

a f = 1 (mod m) 

we have e\f. In particular e\<f>(m). Further , a 1 , a 2 , a 3 , • • • , a e belong to e 
distinct residue classes modulo m. 

Proof. We have m\a e — 1 and m\a f — 1, and by Theorem 10, m\a g — 1 
where g — (e, f) . Therefore g ^ e. But g < e by the definition of e. There¬ 
fore e = g and e\f. Further, if a 61 = a 62 (mod m), and e ^ e\ > e 2 ^ 1, 
we have a ei ~ 62 = 1 (mod m), which again contradicts the definition of e. 

Theorem 36 (Gauss). If d\p — 1, where p is a prime , there are <j>(d) 
residue classes of order d modulo p . 

Proof. From Theorem 35, if a is of order e modulo p, then a 1 , a 2 , a 3 , ■ ■ • , 
a e are e distinct residue classes. They are thus e distinct solutions of 

x e = 1 (mod p), 

and, by Theorem 31, there can be no others. Each class of order e modulo 
p is therefore contained among these e classes. But if r ^ e and (r, e) ^ 1, 
let r = sg and e — tg with g > 1. Then 

(a r y = ( a e y S 1 (mod p), 

and we find that d is of order ^t < e. Let \p(e) be the actual number of 
classes of order e. Then, by Theorem 35, if e If p — 1, \f/(e) = 0, and 
if e |p — 1, we have just shown that 

yf(e) ^ <h(e). (115) 

But since every class, 1, 2, • • • , p — 1 is of some order modulo p we have 

X i(d) = v - 1 

d 

where the sum is taken over all positive divisors of p — 1. Since from 
Theorem 34 we now have 

E [<*>(<*) - *(d)] = 0, 

d 

and since, from Eq. (115), each [<t>(d) — $(d)\ ^ 0, we obtain 

\[/(d) = <t>(d) 


for every d. 
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Definition 23. If (a, m) = 1, and a is of order <£(ra) modulo m, we call 
a a primitive root of m. In particular, for a prime modulus p, a primitive 
root of p is a residue class of order p — 1. 

Example : Since, on page 53, the decimal expansion of j is of period 6, 
3 = 10 is a primitive root of 7. 

The importance of Theorem 36 is that it guarantees (nonconstructively!) 
a primitive root for every prime modulus. This result—that is, every prime 
modulus has a primitive root—is one of the fundamental theorems of 
number theory. It is the basis of the theorems which we shall obtain in 
this chapter concerning the structure of the m m groups. In particular, it 
is the basis of the structural differences which we sought at the end of 
Sect. 23 and the beginning of Sect. 27. It implies that 9 U p is a cyclic group. 

Exercise 52. For every divisor d of 12, determine the <t>(d) residue classes 
of order d modulo 13, in particular, determine the 4 primitive roots of 13. 

Exercise 53. For every prime p > 2, 1 is of order 1 and p — 1 is of 
order 2 and these are the sole residue classes of these orders. 

29. 9TC P as a Cyclic Group 

Definition 24. A group is cyclic if it contains an element g , called a 
generator , such that every element a in the group may be expressed as 


for some integral exponent, positive, negative, or zero. 

By Theorem 36, p has <f>(p — 1) distinct primitive roots. Let g be any 
one of these. Since, by the last sentence of Theorem 35, g y g 2 , • • • , g 
are all distinct, g serves as a generator for 9TC P , and thus 9TC P is cyclic. 
By rearranging the rows and columns of the table for 9TC? on page 61, 
and since 3 is a primitive root of 7, we obtain 


1 

3 

2 

6 

4 

5 

3 

2 

6 

4 

5 

1 

2 

6 

4 

5 

1 

3 

6 

4 

5 

1 

3 

2 

4 

5 

1 

3 

2 

6 

5 

1 

3 

2 

6 

4 


where the kth element in the first row is congruent to 3* \ Here 3 is the 
generator, and the (n + l)st row is obtained from the first by a left, n 
shift, cyclic permutation. 
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Some composite m may also have a primitive root; thus 2 is one for 9. 


1 

2 

4 

8 

7 

5 

2 

4 

8 

7 

5 

1 

4 

8 

7 

5 

1 

2 

8 

7 

5 

1 

2 

4 

7 

5 

1 

2 

4 

8 

5 

1 

2 

4 

8 

7 


(mod 9) 


For any modulus m > 2 which possesses a primitive root g , regardless 
of whether m is prime or composite, it is almost immediate that if a = g n 
(mod m) , then a is a quadratic residue of m or not according as n is even 
or odd. Further, there are exactly \<t>(m) residues. Further (Euler’s Cri¬ 
terion generalized), a is a residue if and only if a^ (m) = 1 (mod m) . Further, 
the product of two nonresidues is a residue. We will determine later which 
composite m have a primitive root, and therefore also these other properties. 

Exercise 54. Prove the “if” part of Wilson’s theorem (page 37) using 
a primitive root of the prime q. Hint: evaluate the sum 1 + 2 + • ■ • + 
(q — 1) modulo q — 1. With reference to Exercise 25, generalize the proof 
here to those composites m which have primitive roots. 

Definition 25. Two groups <2 and (B are said to be isomorphic if every 
element a of d may be put into one-to-one correspondence with an ele¬ 
ment b of (B, 

a^b 

in such a way that if a\ b\ and a* ^ b 2 , then a\a 2 ^ bib 2 . That is, the 
correspondence is preserved under the group operation. Starting with the 
a’s and performing first the mapping, a —» 6, and then the product, we will 
obtain the same result as if we first perform the product, and then the 
mapping. In an isomorphism, therefore, these two operations may be com¬ 
muted. If Ct and (B are isomorphic, we write 

a © 


and we consider them to be the same “abstract group.” 

It is easily seen that two cyclic groups of the same order are always 
isomorphic. Thus 

under the mapping 


(mod 7) 3 n — 2 n (mod 9). 
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Or, if we prefer, under 

(mod 7) 5 n 5 n (mod 9), 

since 5 is a primitive root of both moduli. 

The group of the mth roots of unity, e 2Wm , for a = 0, 1, • • • , m — 1, 
under ordinary multiplication; the group of rotations of the plane through 
360a/m degrees, for a = 0, 1, • • • , m — 1, under addition of angles; and 
the group of the m residue classes under addition modulo m, are all iso¬ 
morphic. They all are the same abstract group—namely, the cyclic group 
of order m. We designate this group as e m . 

The isomorphism between for a prime p and <B p _i suggests a circular 
representation of 2fTC p , which eliminates the obvious redundancy in the 
multiplication table for , and which we illustrate for p = 17: 



Here 3 is the generator and successive powers of 3 correspond to successive 
rotations thru 22\°. Or 3 -1 = 6 may be considered the generator and its 
powers are strung out in the opposite direction. Two residue classes at 
angles a and (3 have a product at an angle a + 0. In particular, reciprocals 
lie at an equal distance from 1 in opposite directions. The residue — 1 = 16 
is thus its own reciprocal, and the only class of order 2. It follows that 
residues on opposite ends of a diameter add to 17; each is congruent to 
the other’s negative. The quadratic residues are 1, 9,13,15, etc. 

It is well known that historically =ti = v 7 --1 did not attain full re¬ 
spectability until it was interpreted as a rotation of 90°. If p is an odd 
prime, 9Tl p will have a \/--T if and only if p = Am + 1. We now see the 
significance of this, in that only allows a rotation of exactly 90°. Thus 
for p ~ 17, in the diagram, we have 4 and 13 as the two values of 

We see also that Euler’s Criterion, 


a =^-j(modp), 


and his even more celebrated formula, 


= (~D n , 
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are very intimately related. Euler was no doubt the world’s most prolific 
mathematician. A modern mathematician, looking at the last two equa¬ 
tions, may be tempted to say, “No wonder, he works both sides of an 
isomorphism.” But better judgment at once prevails—had Euler not 
worked both sides, the isomorphism may not have been discovered. 

Exercise 55. Show that 9TCi4 ^ 9 TI 9 and give two distinct mappings. 

Exercise 56. Show that other circular representations of SHIn may be 
obtained from the given one by starting at 1 and taking steps of k- 22\° 
where (k } 16) = 1 . More generally, if g is a primitive root of p, g k is also, 
if and only if (fc, p — 1) = 1. 

Exercise 57. Show that 


9TX 8 ^ 9TC 12 


but 


9TX 8 5* SITio. 

Show that 91X 8 is not cyclic. 

30. The Circular Parity Switch 
In 1956 the author invented the following unusual switch. 



Definition 26. A circular parity switch of order N has a stator (S) with 
2 N equally spaced divisions. At N of these there are contacts (C). Their 
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locations are arbitrary except that no two contacts lie on a diameter. There 
is a rotor ( R) which may assume the 2N angular positions, and attached 
rigidly to R, at any of the 2N divisions on the hub, are N hands (H). 
Again, their location is arbitrary except that no two lie in the same diam¬ 
eter. Let m hands be touching contacts in a particular position of the rotor. 

Theorem 37. As the rotor turns , (in either direction ), m will be alternately 
even and odd. 

Example: In the special case for N — 8 in the diagram, a clockwise 
rotation will give the following periodic m sequence: 5, 2, 5, 4, 5, 4, 3, 4, 
3, 6, 3, 4, 3, 4, 5, 4, repeat. 

Proof. Opposite each hand in a rotor is a space . Let a complete group 
of contiguous hands with no spaces in between be called a bunch , and 
reading clockwise let the first hand in a bunch be called a trailing hand , 
and the last hand, a leading hand. Let a complete group of contiguous 
spaces be called a gap. Put each trailing hand Ti into correspondence wdth 
the leading hand Lj immediately preceding the space opposite Ti . There 
is such an Lj since preceding Ti there is a space Sj. Opposite Sj is a hand. 
Since this is followed by the space Si which is opposite Ti , the hand is a 
leading hand. 

Now as the rotor turns one division (clockwise), the only changes in m 
which need be counted are those in which a leading hand picks up a contact 
or a trailing hand drops one. For if a nonleading hand picks up a contact, 
it was dropped by the hand ahead of it; and if a nontrailing hand drops a 
contact, it is picked up by the hand behind it. But there was either a 
contact under Ti or in S { , but not both. Therefore either Ti will drop this 
contact, or Lj will pick it up, but not both. The contribution of the pair 
of hands towards changing m is therefore =tl. 

But starting at Ti , and going clockwise to Lj , we will pass k bunches 
and 7c — 1 gaps. And the remaining bunches in the other half of the rotor 
may be reflected into these 7c — 1 gaps. Thus the total number of bunches, 
2k — 1 , is odd, and the number of pairs, Ti and Lj , is therefore also odd. 
But a change in m by an odd number of ±1 means a change of parity. 

We now ask, how many distinct rotors of order N are there—that is, 
rotors that cannot be transformed into each other merely by rotation? 
Call this number R(N). If N is an odd prime, we obtain an old friend. 

Set aside the special rotor Ei consisting alternately of one hand and one 
space. Consider any other rotor of order N, and in particular consider the 
pattern of hands and spaces in a block of N consecutive divisions. This 
pattern may be represented by an A-bit binary number, with ones for 
hands, and zeros for spaces. Excluding the two possible patterns in R+ : 


1010 • • • 01 
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and 0101 • • * 10, 

any of the 2* — 2 remaining patterns is a legitimate one, and will occur 
in precisely one rotor Ri . It cannot occur in two, since the remaining N 
divisions of Ri must have the complementary pattern, and therefore Ri 
is completely defined. If a different block of N consecutive divisions in Ri 
is examined, a different pattern must be found. For if two patterns in Ri 
were identical, Ri would have to be periodic, with a period less than 2 N. 
This period must divide 2 N. The period cannot be the prime N, since we 
know that complementary blocks of N divisions have complementary 
patterns, not the same. The period cannot be 2, since we excluded those 
two patterns. Thus Ri must have 2 N different patterns. Therefore 

m) = +1, die) 

and since R(N) is an integer, we have reproven Fermat’s Theorem 12. 

A second application of the parity switch is this. Consider the circular 
diagram for 2fTC p (page 75) as a stator, with contacts at the even numbers. 
This is a legitimate stator since opposite each even e is the odd p — e 
as we showed on page 75. Let the rotor have hands which, in one position, 
point to every odd number. If the hand pointing to 1 is now brought 
around to the number a, the (p — l)/2 hands will point to the ( p — 1) /2 
products 


1 - a, 3-a, 5-a, • * • , (p — 2) - a (mod p), 

and let m of these products be even. Since in the rotor’s original position 
m is 0, by Theorem 37 m will be even or odd according as a is a quadratic 
residue or not. That is, 

(?) - 

Thus we have reproven a combination of Euler’s and Gauss’s Criteria 
with the aid of a switch. 

31. Primitive Roots and Fermat Numbers 

By characterizing 3Tl p as a cyclic group, for every prime p, we have gone 
the limit in its structural analysis. A cyclic group is the simplest type; 
and we may say that there remain no questions concerning its structure. 
But the content of that structure is quite another matter. Thus we know, 
at once, that 2fll 7 ^ C6 : 
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But until we compute a primitive root we cannot (completely) assign the 
residue classes to suitable billets. (Where p — 1 = — 1 goes is simple 
enough.) 

Given a prime p, it is always possible to compute a primitive root by 
trial and error, since is finite. For p > 2, a quadratic residue of p is 
clearly not a primitive root of p. For if a is a quadratic residue of p = 2P + 1 
we have a P = 1 (mod p) by Euler’s Criterion. Thus the order of a modulo 
p is P or smaller. Further, for p > 3, p — 1 = — 1 is not a primitive root, 
since (— 1) 2 = 1. But with these obvious exceptions, and with no deeper 
theory, one might now examine the remaining residue classes in search of a 
primitive root. Gauss, and others, have devised more efficient techniques, 
but no general, explicit , nontentative method has been devised, and this, 
like a good criterion for primality, remains an important unsolved problem. 

The converse problem is even harder. Given an integer g , for which 
primes p is g a primitive root? Not even in a single instance is it known 
that there are infinitely many such primes p . For example consider 

Theorem 38. If p = 4 m + 3 and q = 2p + 1 are both prime , — 2 is a 
primitive root of q. 

Example : 

— 2 = 5 is a primitive root of 7. 

Proof. There are 0(2 p) = p — 1 primitive roots of q . None of the p 
quadratic residues, a, of q can be a primitive root, as above. Nor can — 1, 
which is not a quadratic residue, be a primitive root. Thus any other 
quadratic nonresidue is a primitive root, and —2 is always one, since 

( 2| q) — — (2| q) M n — ~1 z> • 

Therefore if Conjecture 4 were true we could prove the existence of 
infinitely many q with —2 as a primitive root. 

Similarly, if the weaker Conjecture 5 were true, we could utilize 

Theorem 39. If p and q = 2p + 1 are both odd primes , —I is a primitive 
root of q. 

Example : 

—4 = 3 is a primitive root of 7. 

The proof of Theorem 39 is left for the reader. Another theorem of 
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slightly different character is 

Theorem 40. If F m — 2 2m + 1 is a prime, with m 1,3 is a primitive 
root of F m . 

Example : 

3 is a primitive root of 5 = Fi and of 17 — E 2 . 

Proof. Since <t>(F m — 1) = \{F m — 1), we see that in this (unusual) 
case any quadratic nonresidue of F m is also a primitive root. But 

F m = 5 (mod 12) 
by induction, since Fi = 5, and 

F m+ 1 = (F m — 1 ) 2 + 1 . 

Therefore, by Theorem 20, (3| F m ) = — 1. 

Here, again, we do not know whether there are infinitely many Fermat 
numbers , F m , which are prime. Fermat thought all F m might be prime, 
but said he couldn’t prove it. Euler showed, however, that 641 \F h , as on 
page 58. Aside from the five primes, F m for 0 ^ m ^ 4, no other prime 
F m has been found. On the contrary, F m for 5 ^ m g 16, at least, are 
all composite. Any prime F m corresponds to a constructable regular polygon, 
(Gauss, page 52). Like the Mersenne numbers, (page 18), the Fermat 
numbers, (page 13), are all prime to each other. 

There are three possibilities: 

(a) Only finitely many F m are composite. 

(b) Only finitely many F m are prime. 

(c) Infinitely many F m are prime, and infinitely many are composite. 
If (a) or (c) were true, we could find infinitely many primes with 3 as a 
primitive root, but actually possibility (b) is the most likely. We will 
return to this question in Exercise 36S, page 214. 

Exercise 58. Criticize the word “explicitly” in the last sentence in 
Exercise 47. Investigate possibilities of remedying this flaw. 

Exercise 59. Find a primitive root of p — 41. 

Exercise 60. Find 16,188,302,110 primitive roots of q — 32,376,604,223. 

Exercise 61. If p = 4 m + 3 > 3 and q = 2p + 1 are both primes, 
there are at least three successive integers, g, g + 1, and g + 2, which 
are all primitive roots of q . 

Exercise 62. Using residue arithmetic, show that 

274177|F 6 . 

32. Artin’s Conjectures 

It is easily seen that — 1 is a primitive root only for the primes 2 and 
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3 ; +1, and all odd squares, are primitive roots only for the prime 2; and 
any even square is never a primitive root. In spite of the negative results 
of the previous section, the evidence is sufficient to warrant our stating 

Conjecture 13 (Artin). Every integer a, not equal to — 1 or to a square , is 
a primitive root of infinitely many primes . 

It is likely that a stronger result is true: 

Conjecture 14 (Artin). If a ^ b n with n > 1, and if v a (N) is the number 
of primes S N for which a is a primitive root , then 

v a (N) ~ 0.3739558 t r(N). (117) 

This conjecture was made by E. Artin in a conversation with H. Hasse 
in 1927. It states that for a = 2, 3, 5, 6, 7, 10, etc., approximately f of all 
primes will have a as a primitive root, and that this asymptotic ratio, 
0.37 • • • , is independent of a. (If a is a cube or some other odd power, 
there is a minor complication, wdiich need not concern us here.) 

We shall explain presently the coefficient in Eq. (117), and the heuristic 
reasoning behind Eq. (117). But first we examine two tables based on 
counts, v a (N ), given by Cunningham (1913). 


a 

x„(10,000) 

^(10,000)^(10,000) 

2 

470 

.3824 

3 

476 

.3873 

5 

492 

.4003 

6 

470 

.3824 

7 

465 

.3784 

10 

467 

.3800 

11 

443 

.3605 

12 

459 

.3735 



.3806 av. 


ivyio,ooo 

x 2 (iV) 

V 2 (N)/t(N) 

vio(N) 

viq(N)/tt(N) 

1 

470 

.3824 

467 

.3800 

2 

840 

| .3714 

865 

.3824 

3 

1205 

.3713 

1234 

.3803 

4 

1570 

.3735 

1587 

.3776 

5 

1923 

.3746 

1947 

.3793 

6 

2263 

.3736 

2296 

.3791 

7 

2589 

.3733 

2639 

.3805 

8 

2928 

.3736 

2975 

.3796 

9 

3274 

.3758 

3291 

.3777 

10 

3603 

.3756 

3618 

.3772 

----j 


.3745 av. 


.3794 av. 
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In the smaller table we see that v a is substantially independent of a 
for the eight smallest positive integers not equal to a power. In the larger 
table, for the two most studied cases, a — 2 (related to perfect numbers), 
and a = 10 (related to periodic decimals), we see that v a (N) /t(N) changes 
only slightly with N. 

A probability argument which makes Conjecture 14 plausible runs as 
follows. Consider a = 2, and the primes p S N. For every p choose a 
primitive root g and write g m = 2 (mod p) and (m, p — 1) = G. What is 
the probability that 2| G? Except for p = 2, p — 1 is always even, and m 
is even in one half the cases—that is, when 2 is a quadratic residue of p . 
Since G must be 1 if 2 is to be a primitive root of p , we delete these cases, 
leaving, in the mean, (1 — §)7r(A) primes. What is the probability that 
3|Cr? Except for p — 3, all primes are 3k + 1 or 3k + 2, and therefore 
3\p — 1 in one-half the cases, while 3\m in one third the cases. Eliminating 


the remaining primes where 3\G we are left with 




primes. Continuing with 5|(?, 7|G, etc., we are left with 


A-v(N) 


primes with G — 1, where the coefficient A (called Artin’s constant), is 
given by the infinite product: 


A ? ( l p(p - 1 )) ■ 


(118) 


The argument may be improved somewhat by using Theorem 16 and 
analogous results, but this improvement does not suffice to constitute a 
real proof of Conjecture 14. For any other nonpower a , the argument is 
unchanged, but for a — 8, say, we have 3\m in all the cases where 


p = 3k + 1. This changes the factor 


0 



and we find 


instead 


v 8 (N) ~fA7r(A),etc. 


J. W. Wrench, Jr., has recently completed a highly accurate computa¬ 
tion of Artin’s constant. He gets 

A = 0.37395 58136 19202 28805 47280 54346 41641 51116 ••• . (119) 

If Artin’s Conjecture 14 proves as obdurate as the conjectures of Sect. 12— 
and there is little doubt that it will—Wrench’s Eq. (119) should suffice as 
a check on any empirical studies of v a (N) for quite a long time. 

There is distinct tendency for v a (N)/ tt(N) to run high for small values 
of N —that is, for this ratio to approach A from above, aside from fluctua- 
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tions. This may be noted in both tables above, and also, more clearly, in 
the following data: v 2 (N)/tt(N) = 0.3988, 0.3861, 0.3857, and 0.3849 for 
N = 1000, 2000, 3000, and 4000. This tendency has an interesting ex¬ 
planation. If a prime does not have 2 as a primitive root, the reason, four 
times out of five, is that (2|p) — +1. These latter primes are those of the 
forms 8k ± 1. While it is true that these primes are equinumerous to those 
of the forms 8Jc rt 3, nonetheless there is a definite tendency for the class 
of primes 8A: + 1 to lag behind the other three classes. See page 21 for 
some data. This interesting lag (which we will discuss in Volume II) has 
the consequence that (1 — §), the first factor in A, is too small for these 
modest N , and therefore, in general, v 2 (N) runs too high. 

33. Questions Concerning Cycle Graphs 

We now concern ourselves with the structure of 2f XI m with m not neces¬ 
sarily a prime. A good insight into these structures will be gained by the 
study of the cycle graphs of these groups. 

Definition 27. If (a, m) = 1 and a is of order e modulo m, the e residue 
classes a 1 , a 2 , a 3 , • • • , a e are called the cycle of a modulo m. The definition 
may be clearly generalized to any finite group. 

Definition 28. If a set S of elements in a group g is closed under the 
group operation, and contains the identity and the inverse of each of its 
elements, it is called a subgroup of g. In particular, g itself is also a sub¬ 
group of g. 

It is clear that each cycle of is a cyclic subgroup of . A diagram 
of a group, which shows every cycle in the group, and the connectivity among 
these cycles, is called a cycle graph of the group. It generalizes the circular 
diagram of 9 Hi 7 on page 75. On pages 87-92 we show cycle graphs for 14 
nonisomorphic groups. We will first make some comments, and we will 
then raise some questions. 

Let our point of departure be the cycle graph of 20l 55 on page 88. It is 
of only moderate complexity, and thus is best adapted to illustrate the 
concept. The powers of 2 (mod 55), namely 1, 2, 4, 8, 16, 32, 9, 18, etc., 
constitute the cycle of 2 modulo 55. This cyclic subgroup of 9H 55 is of order 
20, and is easily seen in the graph. Now 53 = —2 (mod 55) is not in this 
subgroup. Therefore the cycle of 53, which is also of order 20, is connected 
to the cycle of 2 only at their even powers, that is, at the quadratic residues. 
Similarly 51 = —4 has a cycle of order 10 which is connected to that of 4 
at their even powers. Finally, the cycle of 29 completes the 40 = <t>(55) 
residue classes in 3T7 55 . No residue class is of order 40 modulo 55 and there¬ 
fore 3TC 6 5 is not cyclic. 

Now let us back up to some smaller composite moduli. The smallest m 




84 Solved and Unsolved Problems in Number Theory 

for which 9 k m is not cyclic is 8 . This is a well-known group of order 4—the 
“Four” group. Here 3, 5, and 7 are all of order 2, and their 3 cycles are 
connected only at their common square, 1. Since 9k ] 2 ^ 9k 8 , their cycle 
graphs look alike—in fact, if 3 is replaced by 11 , they are identical. 

The next noncyclic group is 9k 3& . Here four residue classes are of the 
highest order, 4, and the cycles for 2 and 7, say, are connected at their 
common square, 4, and common fourth power, 1 . Two other cycles are 
those of 11 and 14. It is clear that in the cycle graphs we are concerned 
only with the ordering in, and topology of, the cycles. The actual size, 
shape, or location of the various cycles is not meant to be of significance. 
As with the circular diagram for SfTln , we can easily read off the powers, 
order, and inverse of every residue class. 

It may be seen that 

9k 15 ^ 9k 36 ^ 9^20 ^ 9k 30 . 

9k 24 is also of order 8 , but is not isomorphic to 911] 5 , or to any other 9k m . 
It has only one quadratic residue. 

9 TC 21 , which is isomorphic to 9k 28 , 9k 36 , and 9k 4 2, may be generated by 
the three cycles of 10, 11, and 17. These three cycles are connected at the 
three quadratic residues. 

9 k 54 is cyclic and isomorphic to 9ki 9 . 

9 k 63 really needs three dimensions. The four bunches, of three cycles 
each, regroup, after passing through the quadratic residues 4, 25, 37, and 
22, into three bunches of four cycles each. After passing through the square 
roots of unity 62, 8, and 55, they again regroup, etc. By “needs three 
dimensions” we mean, of course, that it cannot be drawn in two dimen¬ 
sions without some cycles crossing each other. In three dimensions 9k 63 may 
be neatly represented as four 9k 2 i-like structures, in four planes separated 
by angles of 45°, and joined together at the four square roots of unity, 1, 
62, 8, 55. 

Now we wish to ask several questions. 

(a) For which m are the 9k m cyclic? 

(b) Which 9k m are isomorphic? Generally when we pass from m to 

m + 1, we obtain a totally different pattern, e.g., m = 54, 55, 56, 57. But 
9k 3 $k 4 , 9k] 5 ^ 9k i6 , and, more spectacularly, 9ki 04 ^ 9ki 05 . 

(c) For which m are the cycle graphs three-dimensional; as in m = 63, 
and, even more intricate, in m = 91? 

(d) We note definite lobal patterns. Thus 9k 57 has nine lobes of the 
same type of which 9k 2 i has three, and 9k 8 , one. Again, 9k 66 has three lobes 
of the type of which 9k 24 has one; and 9k 55 possesses five 9ku-type lobes. 
We ask, what is the structure of the various types of lobes, and how many 
such lobes may a group have? 
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(e) Can we characterize 9 til m by a formula? Given m, we wish to deter¬ 
mine the structure of 9Tl m by an (easily computable) formula. We recall, 
in this connection, that the structure of 9Tli 7 is clear even before we compute 
a primitive root. 

(f) If 9TC m is cyclic there is an a of order <£(ra) modulo m. But if 9TC m is 
not cyclic what is the largest order possible within the group? 

(g) If 9TC m is cyclic there are \<h{m) quadratic residues, but if ffl m is not, 
how many are there? 

(h) Finally we note, from group theory, that every group of order 4 is 
either isomorphic to 3TCs or to the cyclic 3TC 5 . There are only two abstract 
groups of order 4. Of order 8, there are five abstract groups, with cycle 
graphs as follows: 




We see that two of them are isomorphic to groups. The cyclic group 
C8 SfTCm , but it is a subgroup of an 9Tl m group. Namely, Cs is isomorphic 
to the group of quadratic residues of 9^ 17 —that is, to the cycle of 2 modulo 
17 (see page 75). 

The remaining two groups are well-known non-Abelian groups; Q is the 
quaternion group, and £> 4 is the octic group (the symmetries of a square). 
Since their multiplications are not commutative, they cannot be isomorphic 
to any VK m , or subgroup thereof. Therefore every Abelian group of order 
8 is isomorphic to a subgroup of an 9Tl m . 

We now ask, is every finite Abelian group isomorphic to a subgroup of 
an 3TC m ? 

We close this section with a useful theorem. 


Theorem 41. In every finite Abelian group , if x 2 = a possesses n solutions 
x, then every square , y 2 = b, possesses n solutions. In particular , in 9T l m , 
every quadratic residue has an equal number of square roots modulo m. 

Proof. Let a have n square roots, x x , x 2 , • • • , x n . Let b have at least 
one, yi . Then each element 


Vi = ViXi x Xi 

for i = 1 , 2, • ■ • , n satisfies iji = b since y? 


( 120 ) 

y*x{~ 2 x? = ba~ l a = b. 




86 Solved and Unsolved Problems in Number Theory 

Further, if = yj , we have yf'yi = X\yi^yj, and thus Xi = xj . There¬ 
fore no square in the group can have fewer square roots than any other 
square. 

It follows that if the cycle graphs for Q and £> 4 represent groups, (and 
they do), these groups cannot be Abelian, since in the octic group the 
identity has 6 square roots, while a second element has only 2. In the 
quaternion group the situation is reversed. 

Exercise 63. Show that </>(m) — 8 has exactly five solutions m , and 
that therefore 9TC 24 is isomorphic to no other 9. 

Exercise 64. Each of the 7 rows in the table on page 47 form a sub¬ 
group of DTt 2 4 isomorphic to 91Z 8 • 

Exercise 65. 9tti 5 has both abstract groups of order 4 as subgroups. 

Exercise 66 . The quadratic residues of m constitute a subgroup of 
3 U m . Call it Q m . Then Q 55 ^ 3Tln and Q 65 ^ 9TI 2i . But Q 6 3 is isomorphic to 
no 3T lm . Also Q 54 ^ Q 57 , etc. 

Exercise 67. Draw a cycle graph for 3 TI 33 . 

Exercise 68 . Determine the periods of the decimal expansions of 5 V and 
by examining the cycle graphs of 3Tt 5 7 and 3TC 63 . 

Exercise 69. Determine 11 _1 , 47 _1 , and the four square roots of — 1 
modulo 65. 

Exercise 70. Determine the order of 2 modulo 85. Interpret the result 
in terms of the equation F q FiF 2 + 2 = F 3 . Compare Exercise 4. 

Exercise 71. Let a finite group of order m contain a subgroup of order 
s. Then s\m. This is called Lagrange 9 s Theorem —it generalizes Theorem 35. 

Exercise 72. There is only one abstract group of a prime order—the 
cyclic group. 
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34. Answers Concerning Cycle Graphs 

We shall prove 

Theorem 42 (Gauss). is cyclic—that is, m has a primitive root—if 
and only if m is one of the following: 

m — 2, 4, p n , or 2 p n 
where p is an odd prime and n ^ 1. 

Example. 

9Tl 5 4 is cyclic, since 54 = 2-3 3 . 

Which sni m are isomorphic? To answer this we need 

Definition 29. By <j> m we mean a particular factorization of <j>(m) ob¬ 
tained as follows if m > 2 : 

(A) Factor m into its standard form: 
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m = Pl ai p 2 a * ■ ■ ■ p n an . (121) 

(B) For each odd prime p< write <£(p* a< ) = (p. — l)p t “ <_1 in a modified 
standard form 

<t>(vn = <Qi bl ><q^> * • • <3>><pr>, (122) 

by factoring pi — 1 into the prime powers q**, and, if a t > 1, by including 
the last factor. The symbol means that the prime power is written 

as a single number, e.g., <5 2 > = 25. 

(C) If pi = 2andif a x > 1 wewrite0(4) =2,0(8) =2*2,0(16) =2*4, 
and, in general, 

0(2 O1 ) = 2*<2° 1_2 > ( ai ^ 3). (123) 

If ai = 1, we omit this step. 

(D) Now combine (C) and (B) into a modified standard factorization 
of 0(m): 


0 m = 2*2 ••* 4*4 ••• 8 ••• 3*3 ••• 9 •*• 5 ••• (124) 

Here 0(ra) is factored into primes, and powers of primes, and we take 
care not to multiply factors of 2 with those of 4, etc. 


If m — 2, we write 0 2 = 1. 

Examples: 

m = 105 = 3*5*7 
m = 104 = 8*13 
ra = 65 = 5*13 
m = 15 = 3*5 
m = 16 
m = 24 = 8*3 
ra = 63 = 9*7 
ra = 17 

Now we can state 

Theorem 43. and 2flT m " are 
identical. 

Examples: 


0io5 = 2 *2 *4 *3 
0io4 = 2 *2 *4 *3 
065 == 4*4*3 
0i 5 = 2*4 
0i6 — 2*4 
024 = 2*2*2 
0 63 = 2*2*3 3 

017 = 16 

are 


isomorphic if and only if 0 m / and 0 m >> 


2^104 ^ 9Hi05 9^ 91T 6 5 

91Xl5 v— 9H-16 V— 9H24 

2fTC 4 o ^ 2fTC 4 8 ^ 2fTti7 (verify). 
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Exercise 73. If k is odd, 9fTC* ^ 9TC 2 fc. If k is prime to 3 and 4, 9TC 3J fc ^ 9fTC 4 jfc. 
If k is prime to 7 and 9, 9nx 7 fc ^ 9119* . 

Exercise 74. Show that the 9T l m are isomorphic for m = 35, 39, 45, 52, 
70, 78, and 90. 

Exercise 75. Show that the 9T l m are isomorphic for m = 51, 64, 68, 
and 102, but for m = 51, 80, 96, and 120 we obtain 4 distinct abstract 
groups of the same order. 

The last two theorems both follow from a more powerful result. To 
state this, it is convenient to modify the last definition to 

Definition 30. By we mean a particular factorization of 4>(m) ob¬ 
tained as follows: 

For each distinct prime qi which divides 4>(m) we take the largest power 
<^qi bi ^> which appears explicitly in <j> m and multiply these powers together. 
The product we call a characteristic factor of 9Tl m . Setting this factor aside 
we repeat this operation with the remaining in <t>m . Then 4> w is 

the product of these characteristic factors 

■/*•••/- (125) 


where /i g f 2 ^ h * * * ^ fr • 
Examples : 


$104,105 

= 2-2-12 

$65 

= 4-12 

$15,16 

= 2-4 

$24 

= 2-2-2 

$63 

= 6-6 

$17 

= 16 


Then we will have 

Theorem 44. If 4> w is the product of r characteristic factors fi , for each fi 
there is a residue class q % , of order fi modulo m, such that every residue class 
aj in 91 l m can be expressed as 

a 3 = 0i Sl,, V 2J * * * 9r Tti (mod m) (126) 

with 0 ^ s it j < fi 


in one and only one way. We say that 9F W is the direct product of the r cycles 
of the g t . 
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Example : 

For m = 15, <f>i 5 = 2-4, and we may take gi — — 1 = 14 (mod 15), of 
order 2, and 0 2 = 2, of order 4. Then each of the 8 residue classes in 2ffti 5 is 
s ( — l) a 2 b (mod 15) for one a and b such that 0 ^ a < 2, and 0 ^ b < 4. 

The representation, Eq. (126), of as a direct product of r cycles is 
the characterization we sought in question (e) on page 85. We shall see 
presently that Theorems 42 and 43 are consequences of Theorem 44. But 
so are two others: 

Theorem 45. If fi are characteristic factors of 3Tl m , then 

Ufi (127) 

if i g j. It follows that if f r is the largest characteristic factor of 9fTC m , 

a fr = 1 (mod m) (128) 

for every residue class a in SflX m . 

Comment : Equation (128) gives us a sharpening of Euler’s generalization 
of Fermat’s Theorem. Further, it is clear from Eqs. (128) and (126) that 
f r is the answer to question (f) on page 85. 

Theorem 46. If m > 2, and 2flX m has r characteristic factors , m has 
<t>(m) -2~ r quadratic residues , and each of these has 2 r square roots . 

Example : 


3 IZ 105 has ^ = 6 quadratic residues. 

Proof of Theorem 45. Equation (127) is clear from the construction 
of the fi in Definition 30. Then Eq. (128) follows at once from Eq. (126). 

Proof of Theorem 46. If m > 2, each contribution to <p m , Eq. (122) 
in step B, and Eq. (123) in step C of Definition 29, is even. Therefore it 
follows that each /< is even. It is then apparent, from Eq. (126), that a y is 
a quadratic residue of m if and only if each of its exponents, Sij is even. 
Since, by Theorem 41, each quadratic residue has an equal number of 
square roots, Theorem 46 follows. 

Proof of Theorem 42. If m = 2, 4, p n , or 2p n we find that 4> m = <t>(m) 
with only one characteristic factor, and therefore g x is of order <j>(m )—that 
is, g x is a primitive root. Whereas if m is divisible by two distinct odd primes 
or equals 4 k with k > 1, we find at least two characteristic factors. Since 
the largest, f r , is less than </>(m), by Eq. (128) there is no primitive root. 

Proof of Theorem 43. First we note, by the construction, that <fr m ' and 
<t> m » are identical if and only if and <f> m * are identical. Then if 4> m ’ and 
are identical, by the obvious mapping 
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we find that 2fTC W ' and are isomorphic. Conversely if they are isomorphic 
it is clear that <j>{m') — <£(m") and also, from Theorem 46, and 
must have the same number of characteristic factors. We say further that 
and must in fact be identical, for, if not, we compare 


with 


$m' =/l'-/ 2 ' •••// 


from right to left, and let // ^ //' be the largest factors which differ. 
Assume 

F = // < //' = G 

and let P be the product 

x f £ / _ £ tr £ ,f 4 rr 

Jj+1 Vi+2 * * * Jr — Jj+ljj+2 * * * Jr * 


Then the R = <$>(m')/P residue classes, 

ffi'V * 2 (129) 

obtained by allowing the s* to take on all values, all satisfy x F = 1 (mod m'). 
But all i? of the residue classes 


A2 2 ***gr, (130) 

do not satisfy = 1 (mod m") since g* is of order G > F. Let there be 
S < R residues, Eq. (130), which do satisfy x F == 1 (mod m ;/ ). All in all 
there are exactly RF r ~ 1 solutions of x F ^ 1 (mod m r ) since any of the R 
solutions of Eq. (129) may be multiplied by 

g'j+i +1 gj+2 +2 • • • g r ' 8r 


to yield another solution, if, and only if f j+k \sj+k’F for each k such that 
j + 1 ^ j + k ^ r. That is, each can take on the F values 


0, 



2fj+k 

F 


(F - 1 )f j+k 
F 


Likewise there are exactly SiP r “ J solutions of x F = 1 (mod m"). Since 
S < R it follows that 9Tl m ' and are not isomorphic unless <£ m ' and 
<t> m ” are identical, since, in any isomorphism, 1 must map into 1, and the 
x' such that x ,F = 1 must map into similar x". 

Theorem 44 is also one of the keys to the answer to the last question in 
Sect. 33, page 85. This answer is given by 

Theorem 47. Every finite Abelian group is isomorphic to a subgroup of 
9T l m for infinitely many different values of m. 

The two remaining questions in Sect. 33, (c) and (d), we shall here 
answer with less formality. We will state, without proof, that the cycle 
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graph of is three dimensional if has at least two characteristic 

factors which are not powers of 2 . Thus is three dimensional for m = 
63, 91, 275, and 341, since $ 63 = 6 - 6 , 4> 9X = 6 -12, $275 = 10-20, and $341 = 
10 - 30. See Exercise 19S, on page 206, for a sketch of the proof. 

On the other hand, if 

<f>m = <2“> • <2 l > • • • <2"> • <2 2 7V> 

where N is an odd number 2: 1 , the cycle graph will have N lobes, and each 
lobe is characterized by the formula {<^ 2 “^> • <^ 2 l ^> • • • <^ 2 "^> • <^ 2 *)>}. 
There are two different lobes of order 4 : 



Thus the cyclic 9Tl 13 has 3 of the {4}, while 3 Il 21 (page 87) has 3 lobes { 2 - 2 }. 
There are three different lobes of order 8 : the cyclic { 8 }; and 



as in 9fH 4 i, 3 TI 55 and 3R 5 6 respectively. 

There are five different lobes of order 16: the cyclic {16} in 3 Tt 17 ; {2-2-4} 
in 3 Hio 5 ; {4-4} in 3TC 65 ; {2-8} in 3TC . 32 (not shown); and {2-2-2-2} in 3 Ui 6 8 
(not shown). 

How many different lobes are there of order 2 "? The answer is p(n), the 
number of partitions of n. Thus p( 4) =5, since 4 may be partitioned (into 
positive integers) in five ways: 

4 = 4 

4 = 1 + 1 + 2 
4 = 2 + 2 
4 = 1+3 
4 = 1 + 1 + 1 + 1 




98 


Solved and Unsolved Problems in Number Theory 


We will return to the theory of p{n) in Volume II. To each partition of 
n = ni + n 2 + • ♦ • + n k there is a lobe of order 2 n : 

{<2 ni >-<2" 2 > ••• <2 n *>}. 

It will follow from Theorem 47 that for any such lobe, and for any odd 
N, there are infinitely many 9Tt m which have subgroups with a correspond¬ 
ing cycle graph. 

But it is not possible to have two lobes of {2-2}: 



since we have seen that this group is non-Abelian (page 86). And four 
lobes of {2-2} does not represent any group—even a non-Abelian. It may 
be shown that it violates the associative law. 

There remain the tasks of proving Theorems 44 and 47. 

Exercise 76. Find the relationship between r, the number of charac¬ 
teristic factors of , and the number of odd primes which divide m , and 
the power of 2 which divides m. 

Exercise 77. For any ay , in Eq. (126), which has every s itj even, find 
explicitly its 2 r square roots. 

Exercise 78. If (a, 561) = 1, then 

a 560 = 1 (mod 561). 

In particular, 56112 561 — 2. 

35. Factor Generators of 

We will prove Theorem 44 in three (rather long) steps. 

Lemma 1. Theorem 44 is true if m equals a prime power p n . That is, if 
p is odd, or if m — 2 or 4, m has a primitive root. If m = 2 n with n ^ 3, 
4> m = 2 • <f2 n ~ 2 ^> and we have the representation 

ay = (-l) 8i 3 tj ' {mod 2 n ) (131) 

where — 1 is of order 2, and 3 is of order 2 n ~ 2 . 

Proof. We know that each p has a primitive root h. We first show that 
either h or h + p is a primitive root of p 2 . For, if p > 2, from Eq. (13) 
with x = h + p,y — h, and n = p — 1, we have 

(h + p)*- 1 - }T l = p[(h + p)^ 2 + (h + p) p -\ + ■■■ +h p ~ 2 ) 
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and the square bracket has p — 1 terms, each of which is = h *~ 2 (mod p). 
But p\(p — 1 )h p ~ 2 and we thus have 

(h + p ) p ~ 1 ^ hT 1 (mod p 2 ). 

Therefore at least one of the numbers h and h + p —call it g —satisfies 

g **- 1 ^ 1 (mod p 2 ). (132) 

By Theorem 35, if g is of order e modulo p 2 , e\ <t>(p 2 ) — p(p — 1). But, 
since g is of order p — 1 modulo p, we have p — l\e. From Eq. (132), 
e 7 ^ p 1 and we therefore find e — (p — l)p, that is, g is a primitive 
root of p 2 . 

We thus have 

g v ~ 1 = 1 + kp (with p\k). 

By the binomial theorem 

= i+kp 2 + (fc P ) 2 p(p ~ 1} + t P 3 

for some t , and, if p > 2, 

g {p ~ 1)p — 1 + fc 2 p 2 (with p\k 2 ) 

since 

&2 == k + (^k 2 ^~~ 2 — “t” ^ P m 

By induction, for every odd p, 

geo-VP^ = l + hp S 

It follows, by the same argument as for p 2 , that g is also a primitive root 
of p s for every s. For 

9 iP ~ 1)pt ~ 2 * 1 (mod p s ) 

and thus g is of order (p — l)p s_1 modulo p s . 

For p = 2, we note 

3 2 = 1 + 8 

3 4 = l + 16 + 32 1 

3 8 = 1 + 32 + 64 u 

for integers t and u. By induction, 3 is of order 2 n ~ 2 modulo 2 n , if n ^ 3. 
But none of the 2 n-2 classes 

a y = 3 <? (mod 2 W ) 
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can be congruent to an 

a k ss —3 <fc (mod 2 n ), 

for, if so, we would have 

8|3 a + 1 

where a = \tj — t k \ • This is not possible since 3 a + 1 = 2 or 4 (mod 8) 
for every a. Therefore the representation given by Eq. (131) gives every 
residue class in . 

On page 90 we see the cycles of 3 and 63 = — 1 (mod 64). Each residue 
class — 3 a has been placed close to +3 a . 

Lemma 2. If the <£(A) classes ai in 2fTl A can be written 

ai = gi aili g* atti * • * g n an,i ( mod A) (133) 

where the factor generator gj is of order m } - modulo A , and 

mm 2 • • • m n = <t>(A); 

and if the 4>(B) classes bi in a cyclic W. B , with B prime to A , are written 

bi=g fii ( modB ), (134) 

then the <t>(AB) classes d in 3Hab can be written 

a = V 1 '(mod AB) (135) 

where the factor generator hj is of order rrij , and h is of order <t>(B) y modulo 
AB. 

Proof. Let 

k ^ B~\ 1 - g) (mod A) 

, (136) 
and kj = A (1 — gf) (modJ5) 

for j = 1, 2, * • • , n. Then set h = Bk + g, hj = Akj + gj , and we have 

h = Bk + g = 1 (mod A), 

hj = Akj + gj = 1 (mod JB), 0* = 1, 2, • • • , n). (137) 

We now say that Eq. (135) has the stated properties. For, since hj = 
< 7 y (mod A), hj is of order mj modulo A. Therefore 

hj 1 ** = 1 + sA and also = 1 + tB. 

Therefore sA = tB and, since (A, B) = 1, we have B\s. Thus hj is also 
of order my modulo AB , since, if it were of a smaller order modulo AB , 
this would imply a smaller order modulo A. Likewise h is of order <£(#) 
modulo AB. 
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For any fixed y * in Eq. (135), since h yi = 1 (mod A), th e<f>(A) values 
of Ci are = to the0(A) values of cu (mod A ), and therefore are incongruent 
modulo A. On the other hand, for two different values of yt , the Ci are 
incongruent modulo B. Therefore each of the 0(A)0(B) values of a are 
incongruent modulo AB, since they are either incongruent modulo A , or 
modulo B, or both. Since each a is prime to both A and B , each is prime 
to AB, and since <j>(AB) = <j>(A)4>(B ), the Lemma is proven. 

Therefore, given any 

m = p* l p2 a * • • • pn n , 

we can construct a representation of in the form Eq. (135) by treating 
each pt x by Lemma 1, and compounding them by Lemma 2. There re¬ 
mains the problem of putting the representation into the characteristic 
factor form, Eq. (126), of Theorem 44. 

Lemma 3. If g is of order AB modulo m with (A, B) = 1, the AB residue 
classes g c (0 ^ c < AB) can he written as a direct product 

g c == s a t b (mod m) (138) 

where s is of order A and t is of order B modulo m. Conversely , given two 
residue classes s and t , of orders A and B , with (A, B) = 1, the AB classes 
on the right of Eq. (138) are all distinct , and constitute the cycle of some g of 
order AB modulo m. 

Proof. Given g 7 set s ^ g B and t ^ g A . Then s is of order A, t of order 
B y and the AB classes 

S a t b s= g aB+bA (0 ^ a < A) (0 ^ b < B) 

are distinct by Theorem 33. Conversely, given s and t , consider the right 
side of Eq. (138). Now if 

s ai t hl = s a H h \ 

we have 

g°l“ a 2 ^ jfz—bi 

and 

| ^ ^(ai~a 2 )A ^ ^(& 2 —fci) A 

Then B\(h 2 — &i)A, and, since (B, A) = 1, we have bi = h 2 . Likewise 
a\ — a 2 . Thus the AB classes on the right of Eq. (138) are distinct. Now 
set g = st (mod m), and if g is of order e , then 

st e - 1. 

Thus, as before, A\e , and B\e. Therefore e = AB. Further if A _1 A = 1 
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(mod B) , we have 

A -1 A = kB + 1 , and A -1 (5 — a) A + a = k(b — a) B + b. 

Let 

/ A _1 (5 — a) A + a (mod AB) 

or 

/ == fc (6 — a)B + 6 (mod AB). 

Therefore g/ e= sV = (mod m) so that the cycle of g contains the AB 
residue classes, and no others. 

Thus, given any representation of 2 HT m , obtained by Lemmas 1 and 2 , 
we may decompose the cycles into cycles of prime-power order, as in <£ m , 
and then recompose them into the characteristic factors, as in 4> m . This 
completes Theorem 44, and therefore also Theorems 42, 43, 45 and 46. 

Previously we made the point that a primitive root for a prime modulus 
was proven to exist nonconstructively. We should now add that the sub¬ 
sequent steps in proving Theorem 44—that is, the foregoing three Lemmas— 
are all constructive, and involve explicitly given computations. 

We note that a representation of 3Tl m in the form of Eq. (135) is not 
necessarily unique, even as to the number of factors, and can involve as 
many generators as the number of factors in 4> m , or as few generators as 
the number of factors in 4> m . 

We may also note that the last Lemma can assist us in the finding of 
primitive roots. Thus 2 is of order 3 modulo 7 and —1 is of order 2 . There¬ 
fore — 2 = 5 is of order 6 , that is, 5 is a primitive root, etc. 

Exercise 79. A primitive root of p which is not a primitive root of p is 
hard to come by. Show that 10 is a primitive root of 487 but not of 487 2 by 
computing (10|487), and with reference to the congruences: 


100 3 S 189 

(mod 487) 

100 s = 51324 

(mod 487 2 ) 

189 s 3= 475 


51324 3 = 100797 


III 

tO 

to 

o 


100797 3 = 145833 


220 3 3 = 232 


145833 s - 78152 


232 3 s= 1 

(mod 487) 

78152 3 3 = 1 

(mod 487 2 ) 


Find a primitive root of 487 2 . Determine the periods of the decimal ex¬ 
pansions of 487~* and 487 -2 . 

Exercise 80. Find the fallacy in the following: If g is a primitive root 
both of p and of p 2 , then every primitive root of p has the same property. 
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“Proof.” Any primitive root h of p may be written h = g where k is prime 
to p — 1, and k < p — 1. But 

0 P “ 1 = 1 + sp (p\$). 

Therefore h P_1 = g {p ~ 1)k = 1 + ksp + tp 2 , or, since p\ks , we may write 

h v ~ x = 1 + up {p\u). 

Therefore h is of order p(p — 1) modulo p. 

Exercise 81. Given g, a primitive root of p n , with p odd, find a primitive 
root of 2 p n . 

Exercise 82. Determine a representation, Eq. (135), of 3 TC 35 by Lemmas 
1 and 2. It will be a product of two cycles of orders 4 and 6. Now decom¬ 
pose and recompose into a product 2*12 and thus map 9Tl 35 isomorphically 
into 2 fll 3 9 • 

Exercise 83. Investigate the degeneration of Eq. (131) into one char¬ 
acteristic factor for 2” = 2 or 4. Note: —1 = 3 (mod 4). 

Exercise 84. Show that 4\x 2 + 1, and therefore does not exist 

modulo 2 n for n > 1. But if were cyclic, \/ — l would exist if n ^ 3. 
Thus 2 n has no primitive root if n ^ 3. 

Exercise 85. Let n ^ 3. Show that r is a quadratic residue of 2 n if, and 
only if, r = 8k + 1. Thus 17 is the smallest positive integer, not equal to 
a square, which is a quadratic residue of 2”. Note that in the cycle graph 
on page 90 the quadratic residues of 64 are strung out in numerical order! 
What do you make of that? Also, the smallest positive a for which x + a 
is divisible by every power of 2, for some x, is a = 7. 

Exercise 86. For m - 2 n with n > 3, show that the two classes of 
numbers Sk + 1 and 8k — 1 play special roles in the structure of . 
But 8k + 3 and 8k — 3 play similar roles. How many subgroups of order 
2 n 2 are contained in 2fTl m ? Are they all isomorphic? Show that 3 may be 
replaced by 5 in Eq. (131). 

Exercise 87. If p is an odd prime, r is a quadratic residue of p n if and 
only if r is a quadratic residue of p. 

Exercise 88. If 2fF w is not cyclic, = 1 (mod m) for every a prime 
to m. Thus Euler's Criterion can be generalized only to composites of the 
form 2p n and p n with p odd, and to 4. Further, if is represented by Eq. 
(126) the product A of all the residue classes a t is given by 

4 = (0102 • * * 9 r ) U(m) (mod m), 

and thus lorA = +l according as is cyclic or not. Therefore 
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(compare Exercise 25 on page 38) Wilson’s Theorem, p\(p — 1 )! + 1 , 
like Euler’s Criterion, only generalizes to these same composites (Gauss). 

36. Primes in some Arithmetic Progressions 
and a General Divisibility Theorem 

To prove Theorem 47 (page 96), we will assume, from group theory, 
that every finite Abelian group d can be written as a direct product of 
cyclic subgroups. That is 

O'i = * * * Qn* n i (139) 

for every a t in d. The generator g 3 is of order m 3 and the order of d is 
the product m x m 2 • • • m n . This implies that the cycles of any two generators 
qj and g k have no element in common except the identity < 7 / = g k . 

Now the reader may verify that Lemma 3 above holds for every finite 
Abelian group, so that any representation, Eq. (139), may be decomposed 
into cycles of prime-power order. Assume this done, and that m 3 is now 
equal to p 3 ai for p 3 prime and a 3 ^ 1 . 

Now let 


N = q x q 2 • • * q n 

where q 3 is a prime of the form kp** + 1. Then 911* will contain a cycle of 
order q 3 — 1 = kpj ai generated by a residue class s 3 . Further tj = s/ 
(mod N ) has a cycle of order pf’ and the subgroup of 9F* generated by 

^ a n,i 

is isomorphic to d. 

Example : 

Let d be an Abelian group of order 9 represented by 

of 8 

a = x y 

where x and y are elements of d both being of order 3. Then d is isomorphic 
to a subgroup of 9 TC 9 i since 91 = 7*13 and 7 = 2 • 3 + 1 while 13 = 4-3+ 1. 
Specifically, starting with 3 and 2 as primitive roots of 7 and 13 respectively, 
and using Lemma 2 with A = 7, g x = 3, B ~ 13, g = 2, etc., we obtain 
a representation of 9 R 9 i as 

a = 66 a 15^ (mod 91) 

with 66 of order 6, and 15 of order 12. Then 66 2 s 79, and 15 4 = 29 are 
both of order 3, and d is isomorphic to the subgroup of 9 TC 9 i given by: 

79 a 29* (mod 91). 

(Note that d is also isomorphic to the subgroup of quadratic residues Q 63 , 
but this mapping is not obtained by the construction given above.) 
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But Eq. (139) may have an arbitrarily large number of factors of the 
same order, and therefore Theorem 47 follows if, and only if, there are 
infinitely many primes of the form kp*’ + 1 for every prime power p*’. 
This is a special case of Dirichlet’s Theorem 15 (page 22). But we have 
not proven Theorem 15. 

Special cases of Dirichlet’s Theorem may be proven by variations on 
the proof of Euclid’s Theorem 8. Thus if M is a product of primes of the 
form 4/c — 1, 4 M — 1 must be divisible by a different prime of that form. 
For if every prime divisor of 4 M — 1 were of the form 4/c + 1, so would 
their product be of that form. With a similar definition of M , we may use 
6 M — 1 to prove that there are infinitely many primes of the form 6A; — 1. 
Using our knowledge of quadratic residues, we may similarly show that 

M 2 + 2, M 2 — 2, and M 2 + 4 

must contain at least one new prime of the form 8k + 3 , 8k — 1, and 
8k — 3 respectively. Again 

h{M 2 + 1) and \{M 2 + 3) 

are divisible only by primes of the form 4& + 1 and 6k + 1 respectively. 

But it is clear that by such individual attacks we can never prove 
Dirichlet’s Theorem, since this encompasses infinitely many cases. For 
our present purpose we do not need Dirichlet’s Theorem in its full glory: 
There are infinitely many primes of the form ak + b for every ( a,b ) = 1.” 
It suffices if b = 1 and a is any prime power, and this we may obtain by a 
very useful generalization of Fermat’s Theorem 11. 

Theorem 48. Let m = p 1 with p prime and n positive . Let ( a , h) — 1 
x = a m , y = 6 m , and 


1 1 

H H 

II 

iNi 

= X*- 1 + zT'y + • • 

■ + xy p - 2 + y p ~\ 

(140) 

Then 




according as 

(x - y,z) = 1 or 

V 

(141) 

Secondly , 

(a — b,p) =1 or 

p- 


according as 

p\z or p\z 


(142) 


p\(a — b ) or p\(a ~ b). 

Thirdly , all other prime divisors of z are of the form, kp n + 1. 
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Before we prove Theorem 48 we shall give several applications, 

(a) If a = b + 1 we find that all divisors of 


(,b + l) mp - b mp 
(b + l) m — b m 


(143) 


are of the form kp n + 1. 

(b) If, in (a), b = 1, n — 1, and m = 1, we obtain Fermat’s Theorem 11. 

(c) If a = 2s, b = 1, p = 2, and n — 1 = t, we find that 




(2s) 2 ‘ +1 - 1 
(2s) 2 ‘ - 1 


- (2s) 2 ‘ + 1 


has divisors only of the form k2 t+1 + 1. 

(d) In particular, t = 1, 


(2s) 2 + 1 


(144) 


is divisible only by divisors of the form 4k + 1. 

(e) And 

(2s) 4 + 1 


is divisible only by divisors of the form 8k + 1. 

(f) And the Fermat Number, obtained from Eq. (144) by s = 1 and 

t = m, 

F m = 2 2m + 1, 

has divisors only of the form k2 m+1 + 1. 

(g) If a = 3s, b — 1, p = 3, and n = 1, we find that 

z =-— = a + a + 1 — \[(2a + l) 2 + 3] 

a — 1 

= H(6s + l) 2 + 3] 

has divisors only of the form 6fc + 1. 

(h) If p = 2 and n = 2, then, if (a, b) — 1, 

2 = a 2 + (145) 

a 2 — b 2 


has only 2 and primes of the form 4k + 1 as possible prime divisors, 

(i) Finally we complete the 

Proof of Theorem 47. In Eq. (143) let 6 = 1. Then 

2 mp - 1 


2 m - 1 
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has at least one prime divisor of the form p n k + 1. Given M , the product 
of a number of such primes, if a = M and b = M — 1, we find from Eq. 

(140) that the z there contains at least one more. For every prime power 
p n , there are therefore infinitely many primes of the form p n k + 1. By the 
construction on page 104 there are therefore infinitely many 2fTC m with 
subgroups isomorphic to any finite Abelian group. 

Proof of Theorem 48. Let g = (x — y, z ). Then y = x (mod g ), and, 
from Eq. (140), z = px v ~ l (mod g ). Thus g \ px p ~ l and also g\(x — y, px 9 ^ 1 ). 
But since (a, b) = 1, we have ( x , y) = 1, (x — y , x ) = 1, and 

(x - y, x p-1 ) = 1. 

Therefore g = 1 or p . Now, for every c , 

c = c p = c p2 s • • • == c m (mod p ) 

by Fermat’s Theorem. Therefore 

x — y ~ a™ — b m = a — b (mod p), 

and if p\(a — 6), p\(x — y) and g — 1. But if p\(a — b),y = x (mod p ) 
and, by Eq. (140), z = px 2>_1 (mod?>) or p\z and g = p . This proves Eq. 

(141) and the first part of Eq. (142). 

If q is a prime divisor of z, q\x p — y p or a pn = b pn (mod q). Thus q\a and 
q\b y for if it divided either, it would divide the other also, and this con¬ 
tradicts (a, b) — 1. Let 6 -1 satisfy b~% = 1 (mod q). Then 

(6”a) pn = 1 (mod q), 

and since 

(b-'a)*- 1 = 1 (mod q) 
by Fermat’s Theorem, we obtain, by Theorem 10, 

q\{b" l d) h - 1 

where h = (p n , q — 1). If h 7 ^ p n , we must have h\m = p 71 ” 1 . Then 

qKb^ar ~ 1 


or 

q\(z - y)- 

But, by Eq. (141), q can then be only p, and that only if p\(a — b). All 
other prime divisors of z , [that is, all prime divisors if p\(a — b)] y have 
h — p n and therefore are of the form q = kp n + 1. This proves the third 
part of the theorem and the second part of Eq. (142). 

With the foregoing theory we are now in position (in principle) to map 
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any finite Abelian group isomorphically into a subgroup of an and 
therefore to carry out algebraic computations within the group by ordinary 
arithmetic. An example is given in the following exercise. We quote from 
a recent article in a digital computer newsletter. 

Exercise 89. Binary and Decimal Machines 
and Isomorphic Operations. 

“ Certain operations, which are easy on binary machines, are 
awkward on decimal machines, and conversely. In particular, the 
logical AND, OR, and COMPLEMENT are naturals for binary 
machines while long numerical tables are often more quickly done 
on decimal machines since otherwise much machine time is used in 
binary-decimal conversion. 

“Sometimes a very binaryish operation can nonetheless be done 
decimally by using isomorphic operations. To illustrate this, consider 
the following example. 

“Let ‘octal biconditional’ be an operation which is designated by * 
and which is performed on two (three-bit) binary numbers, from 000 
to 111. Let 


A*B = C 

where A and B are two such numbers and the result C is a third. 
Then the first bit of C is a 1 if the first bits of A and B are equal. 
Otherwise, it is 0. The same rule holds for the second and third bits. 
“Examples: 



3*1 = 5 

(octal) 

since 

011*001 = 101 

(binary) 

Again 

5*4 = 6 

(octal) 

since 

101*100 = 110 

(binary) 


This operation, ‘octal biconditional/ arose in a practical problem, 
namely, ‘clipped autocorrelation.’ It would seem to be very awkward 
to carry it out on a decimal machine. 

“However, it is isomorphic to multiplication modulo 1000 according 


to the following 

mapping: 







° i 

octal 

0 

1 

2 

3 

4 

5 

6 

7 


l 

I 

l 

l 

t 

I 

I 

i ; 

decimal 

999 

751 

749 

501 

499 

251 

249 

i 


“For example, to compute 


3*1 



The Underlying Structure 109 


we may map 3 and 1 into 501 and 751 respectively, then multiply 

501 and 751 decimally . The last three digits of the product are 251 

and by mapping backward we find the answer, octal 5. Thus 

3*1 = 5 

as before.” 

Now the reader is asked to examine “octal biconditional” and, by com¬ 
paring this with $ 1000 , to show that an isomorphic mapping such as that 
given follows from the theory above. Is there another mapping into SUZiooo 
which does not use the same eight decimal numbers? Could we use m = 
100 instead of m = 1000? What is the smallest modulus possible? Find a 
mapping for this modulus. From the remarks concerning lobal patterns on 
page 97 describe the cycle graph for 9TZ 10 oo. Where, in this pattern, are 
the eight decimal numbers utilized above? 

Exercise 90. Find a prime of the form 9k + 1 by the recipe given in 
the proof of Theorem 47. Find the two smallest primes of the form 3/c + 1 
given by that recipe, and compare these with the two smallest primes of 
the same form which were used in the example on page 104. 

Exercise 91. From a book on group theory or modern algebra obtain 
definitions of quotient group and group of automorphisms. Let Coo be the 
group of all integers under addition. Let m > 0, and let be the mul¬ 
tiples of m. Let Ot m be the group of m residue classes under addition modulo 
m. Then & m is the quotient group Cco/<3oo <w,) . And 9TC m is isomorphic to the 
group of automorphisms of & m . And therefore every finite Abelian group 
is isomorphic to a subgroup of the group of automorphisms of a quotient 
group of an infinite cyclic group. 

Can this characterization of Abelian groups—which seems to involve 
only group-theoretic concepts—be proven independently of the number- 
theoretic results in Theorem 48? 

From the relationship between & m and 9Tl m explain the “coincidence” 
that the number of primitive roots of p and the order of SfTC p _i both equal 
<t>(p - 1). 

37. Scalar and Vector Indices 


If 3 is chosen as the primitive root of 17 we may have two tables: 


i 

0 

1 

2 

3 

4 

5 

6 

7 

8 

9 

10 

11 

12 

13 

14 

15 

a 

1 

3 

9 

10 

13 

5 

15 

11 

16 

14 

8 

7 

4 

12 

2 

6 


a 

1 

2 

3 

4 

5 

6 

7 

8 

9 

10 

11 

12 

13 

14 

15 

16 

i 

0 

14 

1 

12 

5 

15 

11 

10 

2 

3 

7 

13 

4 

9 

! 

6 

8 
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In both tables 

a = 3 l (mod 17). 

The exponent i is called the index of a modulo 17 and written 

i — ind a. (146) 

Similar tables have been worked out for all moduli <2000 which are primes 
or powers of (odd) primes. They enable one to multiply, divide, and solve 
binomial congruences quite easily for these moduli. For example, 

ai 02 = x (mod 17) 

is solved by 

ind x = ind ai + ind a 2 (mod 16). 

Thus, for 

5-6 = x (mod 17) 

indx = 4 = 5+15 (mod 16), 
and therefore x = 13 (mod 17). Similarly 

ax = b (mod 17) 

is solved by 

ind x = ind b — ind a (mod 16). 

With indices, as with logarithms, multiplication, division, evolution, and 
involution are replaced by addition, subtraction, multiplication, and 
division respectively. The general binomial congruence: 

ax n = b (modp), (147) 

is treated in 

Exercise 92. If, in Eq. (147), n is prime to p — 1, there is a unique 
solution given by 

ind x = n -1 (ind b — ind a) (mod p — 1) (148) 

where rC 1 is the reciprocal of n modulo p — 1. 

If (n, p — 1) — g and <7|(ind b — ind a), there is no solution. But if 
< 7 l(ind b — ind a), there are g solutions given by 

y + (k = 0, 1, g - 1) (149) 

g 
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where 


b p ~^)- <•»> 

Exercise 93. Solve 

3 x 6 = 5 (mod 17). 

If the modulus does not have a primitive root we must replace the 
scalar indices i with vector indices (i, j, • • • ). For example, each of the 24 
residue classes prime to 35 can, by the foregoing theory, be expressed as 

a = S l 2& (mod 35) 


with i = 0, 1, • • • , 3 and j — 0, 1, • • • , 5. When the vector index (f, j) 
has only 2 components a two-dimensional representation is handy. Thus 


v 

i \ 

0 

1 

2 

3 

4 

5 

0 

1 

26 

11 

6 

16 

31 

1 

8 

33 

18 

13 

23 

3 

2 

29 

19 

4 

34 

9 

■ 24 

3 

22 

12 

32 

27 

2 

l 

17 


(mod 35) 


Then, as before, if 


and 


ind a = (u , j x ) 


we have 


ind h = 


ind ah = (is , j 3 ) 

with is = ii + i 2 (mod n x ) and js = ji + j 2 (mod n 2 ) where the generators 
are of order n x and n 2 respectively. We may write: 

ind ab = ind a + ind b (mod n x , n 2 ). 

That is, the indices are combined by modulo vector addition. Thus 

33*24 ss 22 (mod 35) 


since 


(3,0) s (1,1) + (2,5) (mod 4, 6). 
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Alternatively, we may consider the table to be continued periodically in 
both directions. Then ordinary vector addition suffices. 

The problem of binomial congruences we leave to the reader. 

We note that by the use of Lemma 3, page 101, the 4X6 table above 
can be transformed into a 2 X 12 table, etc. Even for a prime modulus, 
say 7, we may modify its one dimensional index into a two dimensional 
2X3 diagram. Thus 


1 

2 

4 

6 

5 

3 


But a Fermat Prime, say 17, can only have a one dimensional represen¬ 
tation since 2 2 ” 1 cannot be factored into two factors prime to each other. 
And an 9fll m with 3 or more characteristic factors requires at least that 
many dimensions. 

Finally we note that the (pattern of the) 9flX m cycle graph is obtained most 
simply by the use of such modulo vector addition. Thus from 



For the cycle of A is obtained by continued repetition of the vector dis¬ 
placement from 1 to A, giving us 1 , A, B, C, and then, reducing the i co¬ 
ordinate modulo 4, back to 1. The continued repetition of the vector 
displacement from 1 to E, again reducing i by 4, or j by 2 when necessary, 
gives us 1, E, B, G, 1, etc. The elaborate pattern 2nt 63 is most easily ob¬ 
tained not by multiplication modulo 63 but by addition of two dimensional 
vectors modulo (6, 6). 

Exercise 94. Find the pattern of the cycle graphs for 9fH 63 and for 9Tl 33 
(Exercise 67) by the use of modulo vector addition. 

Exercise 95. Show that if the octal numbers of Exercise 89 are sub¬ 
tracted from 7 and written in binary, they may be interpreted as vector 
indices of the corresponding decimal numbers. 
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Exercise 96. The transformation from a 4 X 6 representation. to a 
2 X 12 representation of 9n 35 (Exercise 82) may be interpreted as a linear 
transformation whereby a fundamental 4X6 rectangle becomes a funda¬ 
mental 2 X 12 parallelogram. 

38. The Other Residue Classes 

After this detailed treatment of 2HX m it is natural to ask “What of the 
residue classes not prime to mV ’ This can be answered quickly. Consider 
m = 21. Then besides the 12 solutions of (x, m) = 1, in 9 TC 2 i , there are 6 
solutions of ( x , m) — 3, 2 solutions of ( x , m) = 7, and 1 solution of (x , m) 
= 21. These three sets of residue classes constitute three other groups under 
multiplication modulo 21. These groups have the cycle graphs 



and the identities 15, 7, and 0 respectively. More generally we have 

Theorem 49. If m = AB with (A, B) = 1, the <£(A) multiples of B , aB, 
where (a, A) = 1, form a group under multiplication modulo m isomorphic 
to 3T l A • We call this group If 0 is the reciprocal of B modulo A, and 

ol0 s a (mod A), (151) 

the isomorphic mapping is 

(mod A) a^aB (mod m) } (152) 

and , in particular , 0B is the identity of 2fTC w (s) . 

Example: Let m = 21, A = 7, and B = 3. Then 0 = 5 (mod 7) and 15 
is the identity of 2fTl*?, as shown above. Stiff ^ 9tl 7 under the mapping 

(mod 7) a ^ 3 a (mod 21) 

where a = 5 a (mod 7). 

Proof. By Theorem 17 the a’s are a rearrangement of the a’s. 

If 

aia 2 = c *3 (mod A), 

oliBol^B ^ aia 2 (0B) 2 see a z 0B ^ a 3 R (mod A). 

And clearly 

a \ Ba 2 B = « 3 R (mod /?) . 
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Therefore 

m\dL\BaJB — a% B or 

aiBa 2 B = aJI (mod m ). 

Thus the <t>(A) multiples of B prime to A form a group isomorphic to 
9 TIa under multiplication modulo m. 

Definition 31. An integer not divisible by a square greater than 1 is 
called quadratjrei. 

Theorem 50. If m is divisible by n distinct primes , there will be exactly 
2 n multiplicative groups modulo m of the type 3TC w (i?) described in Theorem 
49. If m is quadratfrei , each of the m residue classes is contained in exactly 
one of these groups. If m is not quadratfrei , those residue classes a satisfying 

(a, m) = g with ( g,m/g ) 1 (153) 

are contained in no multiplicative group. 

Proof. If 

m = Pi ai p2 a2 * • * Pn n , 

we may clearly choose the B , (and therefore the A), of Theorem 49 in 
2 n different ways. If m is quadratfrei, each a; equals 1, and therefore 
B may be any divisor of m. Since the residue classes in satisfy 

(x, m) = Bj no residue class belongs to two of these groups, and, if m 
is quadratfrei, every possible greatest common divisor, g = (x, m), occurs 
as a B. In this case, then, each residue class is in exactly one group. 

But if one or more a* ^ 1, and if g = sp *° with 1 ^ a < ai , and pi\s , 
let a be a residue class satisfying Eq. (153). Then a = tpf* with pi\t. 
It follows that 

a = a (mod p “*) 
for no r > 1, and therefore 

a r s= a (mod m) 

for no such r. But if a were in a group of order h , and that group had an 
identity e , we would have 

(x = e and a h+1 ^ a (mod m). 

Thus if m is not quadratfrei there are still only 2 n groups, and all remaining 
residue classes, Eq. (153), are in no group. 

Corollary. There are exactly 2 n solutions of 

x = x (mod m) 

if m is divisible by exactly n distinct primes. 
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Proof. Any such x is the identity of a multiplicative group modulo m. 

Example; If m = 36 there are four 3TC m (B) isomorphic to the four 
2fll m for m — 21. (9K„/ 1 is now our former < 3K m .) The remaining 15 
residue classes modulo 36 have •powers in one of the 9TC 36 (B> , although they 
themselves remain outside. We may diagram these appendages as follows: 



3K m never has appendages. These extra residue classes “join” the group 
irreversibly. Their powers get in, but can’t get out. 

Let us also note 

Theorem 51. The 2 n multiplicative groups 9TC m <B) are isomorphic to sub¬ 
groups of 3TC m (1) = 9TC m . 

The proof is left to the reader. 

Exercise 97. Interpret the proof of Theorem 1, on page 4, in terms of 
3Rio (2) . 

39. The Converse of Fermat’s Theorem 
If N is a prime ^ 2, 

2 W_1 = 1 (mod N). (154) 

The converse is not true. Thus 

2 660 = 1 (mod 561) 

as in Exercise 78, but 561 = 3* 11 17 is not a prime. The smallest com¬ 
posite N which satisfies Eq. (154) is 341 = 11-31. In fact 

x = 2°3 5 (mod 341) (155) 

is a representation of 9TC 3 4i where 2 is of order 10, and 3 is of order 30 
So 2 10 s= 1 = 2 340 (mod 341). 

Definition 32. A fermatian is an integer N which satisfies Eq. (154). 
Definition 33. A Fermat number F m is one of the form 2 2 “ + 1. 
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Definition 34. A Carmichael number m is a composite whose largest charac¬ 
teristic factor, f r , divides m — 1. See Definition 30. 

Definition 35. A Wieferich Square is the square of a prime p such that 

p 2 12*- 1 - 1 . 

Wieferich Squares enter into the theory of Fermat’s Last Theorem. 

Theorem 52. All odd primes, Fermat numbers, Mersenne numbers, Car¬ 
michael numbers and Wieferich Squares are fermatians. There are other 
fermatians, also, since 341, for instance, is none of these. 

Proof. Odd primes are obviously fermatians. Since F m \2 2 — 1, and 

2 m+1 |2 2 ”, we find 

F m \2 Fm ~ 1 - 1. 


Again 


M p - 2 P — 1 = kp + 1. 


Then 

M p = 2 P — l|2* p - 1 = 2 Afp_1 - 1. 

A Carmichael number m must be odd, since f r is even, (proof of Theorem 
46), and thus could not divide m — 1 if m were even. Therefore, by Eq. 
(128), 

2 «-i - i (mod m). 

Also, if p 2 |2 p_1 — 1, p 2 |2 p2_1 — 1. Finally 341 is none of these. It is not a 
Carmichael number since f, = 30|340. 

It has never been proved that 

(a) There are infinitely many Mersenne composites, or 

(b) There are infinitely many Fermat composites, or 

(c) There are infinitely many Carmichael numbers, or 

(d) There are infinitely many Wieferich Squares. 

Of the last there are only two examples up to p = 100,000; (S. Kravitz). 
These are 1093 2 (Meissner) and 3511 2 (Beeger). 

Nonetheless it is easy to prove 

Theorem 53. There are infinitely many composite fermatians. 

Proof. Suppose f\ is a composite fermatian. Then 

h = 2 /l — 1 

is also one. For if /i|2 /l_1 — 1, /1I/2 — 1, and fi — 1 + fc/i. Then 

2 /l_1 - 1 = 2 kfi - 1 



The Underlying Structure 117 


which is divisible by 2 fl - 1. = . Further, by Theorem 4, /, is composite 

if/i is. Since 2 U — 1, say, is a composite fermatian, there are infinitely 
many of them. 

The first ten composite fermatians are 


341 == 11-31 561 (a Carmichael) 

645 = 3-5-43 1105 (a Carmichael) 

1387 = 19-73 1729 (a Carmichael) 

1905 = 3-5-127 2047 (a Mersenne) 

2465 (a Carmichael) 2701 = 37-73 

The 43rd composite fermatian, 31417 = 89-353, belongs to none of the 
foregoing distinguished classes, but is perhaps distinguished in its own 
right: 

31417[2 31416 - 1. 

P.^Poulet and D. H. Lehmer have tabulated all composite fermatians 
<10. We give a table showing C(N), the number of such composites 
^N. This is compared with ir(N ). 



Apparently composite fermatians are relatively rare. Of these 2043 com¬ 
posites we may note that 252 are Carmichaels, 2 are Mersennes, 2 are 
Wieferich Squares, and none are Fermat numbers. For the entries in the 
table we have 


C(N) < 


(156) 


Definition 36. If a class of positive integers A contains a subclass B, 
and if A and B are equinumerous, we say almost all A numbers are B 
numbers. 


Example: From the prime number theorem, almost all positive integers 
are composite. 

While it has not been proven that Eq. (156) remains valid as N —> oo, 
one is tempted to risk 

Conjecture 15. Almost all fermatians are prime. 
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Composite fermatians have some interesting properties (Poulet). Their 
distribution is very irregular. Thus 65,350,801 and 65,350,821 are suc¬ 
cessive composite fermatians, and so are 95,452,781 and 96,135,601 a 
gap of 20, and another of more than a half of a million. Very unexpected 
is the fact that more than one half of these numbers end in the digit 1. 

Exercise 98. Prove that 1105 is a Carmichael number. 

Exercise 99. The divisibility relation defining Wieferich Squares re¬ 
minds one of the rare primitive roots of p which are not primitive roots 
of p 2 . But show that 2 is not a primitive root of 3511. Nor is it of 1093, 
but that is not as easy. 

40. Sufficient Conditions for Primality 

When we left the perfect numbers we were in need of a good criterion 
for the primality of M p . Wilson’s Theorem: 

(W-l)!=-l (mod V), (157) 

is a necessary and sufficient condition, but it is not practical. Fermat’s 
Theorem: 

2 n ~ x = 1 (mod N), (158) 

is a necessary and practical condition, but it is not sufficient—as we have 
just seen. We may even say that it is particularly useless for Mersenne and 
Fermat numbers, in view of Theorem 52. This is unfortunate, for while 
2 n ~ 1 , like ( N - 1)!, also grows rapidly, it is relatively easy to compute— 
by successive squarings and residue arithmetic. 

We note that while N = 341 passes the test of Eq. (158), it does not 
pass the test: 

3 340 = 1 (mod 341), 

since, by Eq. (155), 3 is of order 30 and thus 3 340 = 3 10 ^ 1 (mod 341). 
But a Carmichael number m passes the test 

a m_1 = 1 (mod m) 

for every a prime to m. Because of this these numbers are also called 
pseudoprimes. By the results of Sect. 38 we may state an even stronger 
result. 

Theorem 54. For every Carmichael number m, and any a, 

m\a m — a; (159) 

just as in FermaVs Theorem 13: 

p\a p — a. 
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Comment: By implication the test is truly infantile since the number 
doesn’t know its m\a m — a from its p\af — a. 

Proof. A Carmichael number m is quadratfrei, for if p 2 \m, we have 
p\<t>(m), and therefore p\f r , its largest characteristic factor. But if m = ps, 
and f r = pt, we see that f r \m — 1. Now, since m is quadratfrei, by Theo¬ 
rems 50 and 51, every residue class a modulo m is in an M m {B) isomorphic 
to a subgroup of 9fTl m . Thus 

a fr ss / (mod m) 

where I is the identity of Then a w_1 = / and a m = a (mod m). 

We now seek a better criterion and we decide that Euler’s Criterion is 
twice as good a test as Fermat’s Theorem. If 341 were a prime, since it is 
of the form 8k + 5, we would have (2(341) = —1, and 

2 170 = — 1 (mod 341). 

But since 2 10 s= 1 and 2 170 = 1, we see that 341 does not pass this test. 
If a composite N passes Eq. (158), it may be expected to pass 

2 {N ~ 1)I2 s (2\N) (mod N) (160) 

only one-half the time. Here the “Legendre symbol,” (2| N), is computed 
as if A were a prime. Nonetheless, Eq. (160) is not sufficient either, and, 
in particular, all Mersenne numbers satisfy this congruence. 

In contrast, Euler’s Criterion, with a base 3, is a necessary and sufficient 
condition for the primality of Fermat numbers. 

Theorem 55 (Pepin’s Test). F m = 2 2 ” 1 + 1 is a prime if and only if 

H _j ( mod F m ,). ( 161 ) 

Proof. In Theorem 40 we showed that if F m is a prime, (3|F„) = -1, 
and, by Eulers Criterion, Eq. (161) follows. The converse interests us 
more. If Eq. (161) is true, so is 

3 F ” _1 = 1 (mod F m ). 

Then if p\F ,, 3 Fm 1 = 1 (mod p ), and the order of 3 modulo p divides 
Fm — 1 = 2 2m . This order is thus a power of 2. But it cannot divide 2 2 "‘~ 1 = 

(Fm — l)/2 since that would contradict Eq. (161). Therefore the order 
is F m — 1, and since it must be gp — 1, we have F m sS p. Thus p = F m 
and Eq. (161) is also a sufficient condition for the primality of F m . 

The reader will hear a familiar ring in the argument. We use the fact 
that a divisor d of p n , with p a prime, divides p n ~\ if it does not equal 
p". If this leads to a contradiction, d must equal p n . In Theorem 55 p = 2, 
but in Theorem 48 p is any prime. 

With this success for Fermat numbers we again inquire about Mer- 
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senne numbers, 2 P — 1 = M p . Here M p again involves a power of 2, 
but this time M v — 1 is not that power of 2. Instead M p + 1 is. Here we 
see the difficulty. What we need are not divisibility theorems like Fermat’s 
Theorem and Euler’s Criterion, since these involve N — 1. We need a 
divisibility theorem involving N + 1. Lucas found such a theorem, and 
by the use of it he obtained the Lucas Criterion for Mersenne numbers. 

The theorem is associated with rational approximations to the \/3- 
When the \/3, and earlier, the \/2, were found to be irrational, there was a 
great crisis in Greek mathematics and philosophy. We close the present 
chapter, and start a new one, which discusses this crisis, and, associated 
with it, another important source of number theory. 

Exercise 100. If 2 m + 1 is prime, m is a power of 2. 

Exercise 101. From case (f) of Theorem 48, page 106, if a prime 
p\F m , p = 1 + fc2 m+1 . Show that 2 is of order 2 m+1 modulo p, and also, 
that if w > 1, (2|p) - 1. Then 2 (p_1)/2 s= 1 (mod p), and k is even. 
Thus p = 1 + s2 m+2 if m > 1. 

Exercise 102. From Exercises 100, 101, and 4, if we search for the 
smallest prime which divides , our first trial divisor is 641. 

Exercise 103. Prove that every Mersenne number passes the Euler 
Criterion test, Eq. (160), as stated on page 119. 





CHAPTER III 


PYTHAGOREANISM AND ITS 
MANY CONSEQUENCES 


41. The Pythagoreans 

We now examine a third source of number theory, one much older than 
periodic decimals, and even older than perfect numbers. 

Definition 37. Pythagorean numbers are three positive integers that 
satisfy the equation 

a +b 2 = c 2 . (162) 

The name has a twofold significance. First, it refers to the Pythagorean 
Theorem concerning a right triangle, and the three integers give us such a 
triangle: 


b 


a 

whose sides have an integral relationship to each other. Second, it refers 
to the fact that the Pythagoreans gave a formula for infinitely many such 
triangles. Namely, if m is odd and >1, set 

a = m, b = i(m 2 - 1), and c = §(ra 2 + 1) (163) 

Examples : 

3 2 + 4 2 = 5 2 
5 2 + 12 2 = 13 2 

But there are also two senses in which this name, “Pythagorean” num¬ 
bers, is seriously misleading. First, Neugebauer has shown that the Baby¬ 
lonians knew of the numbers of Eq. (162)—not merely those given by 
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Eq. (163)—at least 1,000 years before Pythagoras. Second, such a desig¬ 
nation does not suggest, and indeed tends to conceal, the fact that origi¬ 
nally the Pythagoreans thought that every right triangle would have its 
three sides in an integral relationship by a proper choice of the unit length. 
Furthermore, this belief was not a casual one but instead fundamental to 
the whole Pythagorean philosophy. When it was shattered by a number- 
theoretic discovery which the Pythagoreans made themselves, a profound 
crisis arose in this philosophy and in Greek mathematics. 

Pythagoras (570P-500? b.c.) was born on the Greek island of Samos, 
traveled in Egypt, and perhaps in Babylonia, and founded a school and 
secret brotherhood in southern Italy. We need not go into the ethical doc¬ 
trines that he expounded. On the scientific side, four subjects were studied; 
arithmetiea (the theory of numbers), geometry, music, and spherics 
(mathematical astronomy). Of these four, arithmetiea was considered the 
fundamental subject. In fact, the point of the Pythagorean philosophy was 
that Number is everything. We should make it clear at once that Number 
here means positive integer. There were no others. Since we are writing 
here on the theory of numbers, it behooves us to examine this far-reaching 
assertion in some detail. 

The relationship between number and musical intervals was one of 
Pythagoras’s first discoveries. If a stretched string of length, say, 12, 
sounds a certain note, the tonic , then it sounds the octave if the length is 
reduced to 6. It sounds the fifth (do to sol) if the length is reduced to 8, 
and the fourth (do to fa) if reduced to 9. So Harmony is Number. There 
follows a study of means. The fourth is the arithmetic mean of the tonic 
and octave, 9 = £(12 + 6), while the fifth is their harmonic mean, £ = 
Krs + !)> since its pitch is half-way between theirs. There also follows a 
study of proportion. The fifth is to the tonic as the octave is to the fourth, 
and the criterion of such proportionality is found in 

8-9 = 12-6. 

Since we may write this as 

9*8 = 12-6, 

we also have that the fourth is to the tonic as the octave is to the fifth, 
etc. The study of means and proportion was an important ingredient of 
Py thagoreanism. 

The Pythagorean relationship between music and spherics is less con¬ 
vincing. The intervals between the seven “planets”—the Moon, the Sun, 
Venus, Mercury, Mars, Jupiter and Saturn—correspond to the seven inter¬ 
vals in the musical scale. This explains the Celestial Harmony, and shows 
that the Heavens too are essentially Number. We will see later how this 
mystic nonsense played a most important role in the history of science. 
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But the direct relation between number and spherics, without music 
as a middleman, was also known to Pythagoras from his travels in Egypt, 
and is worth more of our time. We shall not discuss Pythagorean astron¬ 
omy in full. What we need to do is to understand a simple instrument 
called a gnomon , because it exemplifies the Pythagorean synthesis of 
spherics, geometry and arithmetica. 



The gnomon is an L-shaped movable sundial used for scientific studies. 
It rests on one leg; the other is vertical. The length and direction of the 
shadow is measured at different times of the day and year. If the shadow 
falls directly on the horizontal leg at noon (when the shadow is shortest), 
that leg points north. The noon shadow changes length with the seasons— 
minimum at summer solstice and maximum at winter solstice. The sunrise 
shadow is perpendicular to the horizontal leg during the vernal or autumnal 
equinox. Thus the gnomon is a calendar, a compass and a clock. Pytha¬ 
goras knew the world was a sphere—the gnomon measures latitude, it 
measures the obliquity of the ecliptic, etc. Here we have Solar Astronomy 
with Number (measurements) as the basis. 

42. The Pythagorean Theorem 

In all such shadow measurements the geometry of similar triangles and 
of right triangles is essential. A generation before Pythagoras, Thales of 
Miletus (a commercial center near Samos) also went to Egypt, studied 
mathematics, and started a school of philosophy. It is sometimes said that 
Pythagoras was one of his students. Plutarch tells the story that Thales 
determined the height of the Great Pyramid by comparing the length of 
the shadows cast by the Pyramid and by a vertical stick of known length. 
Some writers of mathematical history contest this, claiming that Thales 
did not know of the laws of similar triangles. We believe that he did, but 
we need not argue the point. It suffices for the argument which follows 
that the Pythagoreans did know about similar triangles, and this fact is 
not in question. 
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Nor do we raise the questions as to how and where Pythagoras “dis¬ 
covered” the Pythagorean Theorem. He may actually have learned of it 
from Egypt, for the “rope stretchers” there had long known how to con¬ 
struct right angles with a rope triangle of sides 3, 4 and 5; perhaps the 
Great Pyramid (2700 b.c.) had already been laid out in this way. But we 
do raise the question as to how Pythagoras proved (or thought he proved) 
the theorem, since this proof appears to be a critical step in the subsequent 
events. 

We conjecture, on the basis of what we have already related, and upon 
subsequent events which we will relate presently, that the original proof 
ran as follows. 



Draw the perpendicular COF. Find the greatest common measure of 
the four lines BC, CA , BO and OA. In terms of this length as a unit, let 
the four lines be of length a , b y d , and c—d respectively. Since COB and 
ACB are both right angles and CBO equals itself, the triangles CBO and 
ABC are similar. Thus c is to a as a is to d. Here we have a third type of 
mean, a is the geometric mean of c and d , and 

d 2 = cd . 


Therefore the square CD equals the rectangle OG. Similarly CE equals AF, 
and the square on the hypothenuse equals the sum of the squares on the 
sides. 
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b a b a 



A number of historians have favored a different opinion—that Pythag¬ 
oras’s proof was a dissection proof such as that shown above. A square of 
side a + b can be dissected into four triangles and the square c 2 , or into 
four triangles and the two squares a 2 and b 2 . 

We think that this opinion is incorrect on three grounds. 

(a) The suggested proof has none of the elements of Pythagoreanism— 
no proportion, no means, no “Number-as-Everything,” no relation to 
spherics. 

(b) The suggested proof is very clever, and appears to be of a sort 
that could be concocted after one knew the theorem to be true. But this 
implies a prior proof—or at least some serious evidence in the theorem’s 
favor. 

(c) The subsequent events, and their culmination in Euclid’s Elements , 
are best explained in terms of the (fallacious) proof which we have sug¬ 
gested. 

The Pythagorean derivation of Eq. (163) may date from the same (early) 
period as the Pythagorean Theorem. The names “square” number, “cube” 
number, “triangular” number, etc., all derive from the Pythagorean 
study of the relation between Number and form. The triangular numbers, 
1, 3, 6, 10, etc., are the sums of consecutive numbers: 

• • 

• • • 

• • # • 

10 = 1+ 2 + 3 +4, etc. The square numbers, 1, 4, 9, 16, etc., are the 
sums of successive odd numbers: 


b 


• • 


• • 


— -i 

• • • • 
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16 = 1 + 3 + 5 +7, etc. The odd numbers the Pythagoreans called 
gnomons. It follows at once that if m is odd, and if m is thought of as a 
gnomon of side §(m 2 + 1), then 

m 2 + [§(m 2 - l )] 2 = [i(m 2 + l)] 2 . 

This proves Eq. (163) “geometrically.” And the first case of Eq. (163) 
is the Egyptian triangle, 3-4-5. 

If we now look back at the illustration on page 123, we see the right 
triangular shadow and, framing the square on one side, the gnomon— 
which is really an odd number, etc. This was the Pythagorean synthesis 
at its best, and in its happy days—before the trouble began. 

43. The \/2 and the Crisis 

The source of the trouble is attributed to Pythagoras himself. It is his 
Theorem 56. The equation 

2 a = c (164) 

has no solution in positive integers. 

Proof. Assume a solution with (a, c) — g. Let a = Ag and c = Cg and 

(A, C) = 1. (165) 

Then 2 A 2 = C\ 

But since C 2 is even, so must C be even. Let C — 2D and 
2 A 2 = 4 D\ or A 2 = 2D 2 . 

Then A is also even, and since this contradicts Eq. (165), there is no 
solution. 

This means that 

+5 3^ c/a . 

It is not a ratio, therefore, from the modern point of view, it is an irrational 
“number.” But an irrational number is no number at all—it is (via the 
Dedekind Cut) a class of classes of ordered pairs of numbers. It is totally 
“man-made,” as L. Kronecker said, and thus is of dubious significance 
philosophically. 

To the Pythagoreans, Theorem 56 was a terrible shock. It implies that 
in a 45° right triangle (with b = a), the hypothenuse and the side are 
incommensurable . There is no common measure such as we presumed in 
proof of the Pythagorean Theorem! The following serious consequences 


ensue. 
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(a) The proof is fallacious. 

(b) The theorem is put in doubt. 

(c) The theory of proportion, and of similar triangles, is put in doubt. 

(d) The Pythagorean philosophy is largely undermined. For if Number 
(that is, positive integers), cannot even explain a 45° triangle, what 
becomes of the much more far-reaching claims? 

The Pythagoreans were a secret society, and it is said that their dis¬ 
coveries were kept secret. But it is also said that Pythagoras’s lectures 
were well-attended by the townspeople of Crotona. However contradictory 
this may appear, it is clear that Theorem 56 was highly embarrassing. 
The (unnamed) Pythagorean who first divulged this startling result is 
said to have suffered shipwreck in consequence, “for the unspeakable and 
invisible should always be kept secret.” 

At a later date a new embarrassment arose. While it was not of quite the 
same crucial character it may also have been considered important. The 
Pythagoreans knew of four regular polyhedra, and they associated these 
with the four “elements.” The tetrahedron was fire, the cube was earth, 
the octahedron was air, and the icosahedron, water. But Hippasus, a 
member of the society, discovered the fifth regular polyhedron, the dodec¬ 
ahedron. By an ominous coincidence Hippasus, for divulging this dis¬ 
covery, was also shipwrecked and perished. 

Far be it from us to suggest foul play on the basis of such flimsy evi¬ 
dence. Still, we recall that this was in southern Italy—the home of the 
Mafia—and that a cardinal principle of the Mafia is silence or quick 
retribution. The latter-day Mafia, in Chicago during the Prohibition era, 
was, as we know, involved in the numbers racket, and was also inter¬ 
ested in fifths and fourths, and if squealers were seldom shipwrecked, 
they were often found, well-weighted, at the bottom of the Chicago river. 
Yet the parallel does not quite run true; it takes a rather vivid imagination 
to picture Little Caesar striding into the back room of the garage on Clark 
Street, and snarling, “OK, Louie, so you told about Godel’s Theorem! 
Now take dat!” 

But returning to more solid ground, there is no questioning the fact 
that the problems raised by the y/2 were most serious. We will examine the 
effects of this crisis upon geometry, “spherics,” and arithmetica in the 
next three sections. 

44. The Effect upon Geometry 

If our supposition is correct, the order of the day at this point must have 
been to 

(a) Devise a sound proof of the Pythagorean Theorem, and 
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(b) Devise a sound theory of proportion, which could handle incommen¬ 
surate quantities, and therefore restore the important results concerning 
similar triangles. 

Geometry as a deductive science probably began with the Pythagoreans. 
We see now that they had a strong motivation. When naive mathematics 
leads to paradoxes and contradictions, the day of rigorous mathematics 
begins. In the nineteenth century the paradoxes of the Fourier Series 
played a similar role in the motivation of rigorous mathematics; were it 
not too digressive, we should expound here on the parallelism of the prob¬ 
lems created and of the answers found. 

Instead, we skip over 200 years of Greek mathematics, and examine 
briefly the Greek answers to problems (a) and (b) above, as they appear 
in Euclid’s Elements. 

Euclid gives two proofs of the Pythagorean Theorem—in Book I, 
Prop. 47, and in Book VI, Prop. 31. Both proofs use (essentially) the 
same figure as we show on page 124. Neither proof has any relation what¬ 
soever to the dissection figure on page 125. The first proof has nothing to 
do with similar triangles—these require a sound theory of proportion, 
and this is postponed to Book V. Book I is, so to speak, more elementary. 
It is clear, by reading it, that the main point of Book I is to prove the 
Pythagorean Theorem. This theorem is I, 47, and I, 48, the last proposi¬ 
tion in Book I, is its converse. With few exceptions almost all of the pre¬ 
vious theorems enter into the chain of proof leading to I, 47. 

We show this in the following logical structure. The propositions labelled 
p are the “problems.” We will discuss their role presently. The blank 
block under 46 p and 37 is inserted because both of these propositions 
depend upon both 31 p and 34. 

The proof in I, 47 is based not on similar triangles, but on congruent 
triangles. Draw AD and CG in the figure on page 124. Then the triangles 
ABD and GBC are congruent. But the first equals half of the square CD, 
and the second, half of the rectangle OG. And so CD equals OG, etc. 

The three theorems concerning congruent triangles—I, 4; I, 8; and I, 
26; well-beloved of all high school geometry students—all play leading 
roles, as we see in the logical structure. The problems (bisect a line, an 
angle, construct a perpendicular, etc.) also play leading roles. Number 
plays no role. Proportion plays no role. 

Book V gives the Eudoxus theory of proportion, the answer to problem 
(b), and in Book VI we find a second proof of the Pythagorean Theorem, 
similar to the one which we have attributed to Pythagoras—but now 
based upon the logically sound Eudoxus theory. There can be no doubt 
that Euclid knew of the earlier “proof,” and also what was wrong with it. 
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In conclusion we would point out that three important “peculiar” aspects 
of the Elements all bear testimony to the original Pythagorean “proof” 
and to the subsequent crisis over the \/2. 

(a) In elementary teaching the “problems” are often thought of as exer¬ 
cises, or as applications. Euclid has no use whatsoever for exercises or appli¬ 
cations. The problems are proof that any construction called for in the 
proof of a theorem is indeed possible. The original mistake of Pythagoras, 
“Find the greatest common measure, etc.,” was not to be repeated. 

(b) Number is expelled from Geometry. Much nonsense has been written 
on this point. It has been called a peculiarity of the Greek “mind ”—a 
preference for form rather than number—a greater ability in geometry 
than arithmetic, etc. There is no basis for this. Euclid has three books on 
the theory of numbers. The origins of Greek mathematics in Egypt and 
Babylonia were definitely numerical. Pythagoras’s opinion of Number we 
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know. The expulsion of number from geometry was solely due to the prob¬ 
lems raised by the y/2. 

(c) Euclid’s proof of I, 47 is seldom appreciated in its historical context. 
No doubt Euclid “liked” the logical simplicity of the fallacious Pythag¬ 
orean proof. But to postpone a proof of the Pythagorean Theorem until 
after the “advanced” Eudoxus theory can be studied is undesirable. 
Therefore Euclid gives the most elementary proof he can find, while 
keeping as close as possible to the original Pythagorean structural frame¬ 
work. When Schopenhauer criticized this Euclid proof of I, 47 as a “mouse¬ 
trap proof,” “a proof walking on stilts,” etc., he showed that he had little 
appreciation of the historical, mathematical, and even philosophical points 
which were involved. 

45. The Case for Pythagoreanism 

The most important problem concerning the integers is the determination 
of their role in Nature. The Pythagoreans said Number is everything, 
but, aside from the analysis of music, we cannot say that they made a good 
case for this assertion. Nor could they be expected to do so, with science 
at such a primitive level. The mystic and numerological aspects of Pythag¬ 
oreanism we now regard most unfavorably. However, these aspects can 
be ignored. The real difficulty with Pythagoreanism stems from the V2 
and its corollary that in the analysis of continuous magnitude the integers 
(as such) do not quite suffice. 

If we ask whether modern physical scientists believe that the world can 
be best understood numerically, the answer is yes—practically all of them 
do. But here “numbers” are no longer confined to integers; they also in¬ 
clude real numbers, vectors, complex numbers, and other generalizations. 
The founders of modern physical science (Galileo, Kepler, and others) 
did not have a rigorous theory of real numbers, but they had the practical 
equivalent, namely, decimal fractions. These, of course, the Greeks did 
not have. The formulation of the laws of nature in terms of ordinary dif¬ 
ferential equations (Newton), and in terms of partial differential equations 
(Euler, D’Alembert, Fourier, Cauchy, Maxwell), appeared to further 
weaken the role of integers in Nature and to strengthen that of real num¬ 
bers. But even here we may note that while the variables in an equation 
are continuous, the order of the equation, and the number of variables in it, 
are integers—a point that should not be neglected. 

A philosophy which interprets the world numerically, in the general 
sense of real numbers, we may call New Pythagoreanism , whereas one that 
insists that the integers are fundamental—not only mathematically, but 
also physically—we call Old Pythagoreanism. We now inquire whether a 
case can be made for Old Pythagoreanism. To determine this we must 
examine a list of some of the key discoveries in physical science. 
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(a) Galileo (1590) found that during successive seconds from the time 
at which it starts falling, a body falls through distances proportional to 
1, 3, 5, 7, etc., so that the total distance fallen is proportional to the square 
of the time. Here we have square numbers arising as sums of the odd 
numbers (gnomons!). 

(b) Johannes Kepler was an out-and-out Pythagorean*—one who really 
believed in the Harmony of the Spheres (page 122), etc. He sought for 
many years to find accurate numerical laws for astronomy expressing such 
“harmonies” and in 1619 he discovered his important Third Law—the 
squares of the periods of the planets are proportional to the cubes of their 
mean distances from the sun. 

(c) Even before Newton’s Principia (1687) it was known to Robert 
Hooke, Christopher Wren, and others, that the integer exponents in (a) 
and (b) imply that each planet has an acceleration toward the sun which 
is inversely proportional to the square of its distance from the sun. 

(d) Inspired by Newton’s Law of Gravity (c), Charles Coulomb (1785) 
determined, with a torsion balance, that electrostatic forces were also 
inverse square. Henry Cavendish (1773, unpublished) had already ob¬ 
tained the same law by another method—one which is most instructive 
for our present discussion. The experiment was repeated by Maxwell a 
hundred years later. The experimenter enters a large hollow electrical 
conductor. The conductor is charged to a high potential and the experi¬ 
menter attempts to measure a change of potential on the inside surface. 
He finds nothing—within experimental error. In this way Maxwell es¬ 
tablished that the exponent is —2 with a probable error of d= 1/21600. 
Later experiments reduced the possible deviation from —2 even further. 

The point involved is this: a New Pythagorean might say that Cou¬ 
lomb’s results merely indicate that the exponent is approximately equal 
to —2. But the Cavendish-Maxwell experiment not only suggests that it 
is exactly “2 but also suggests the “reason” for this. Mathematically the 
only law of force which would behave in this way is one whose divergence 
is zero—that is, one that falls off radially in such a way as to just compen¬ 
sate for the increase in the area of a spherical shell with its radius. Now 
this area increases with the square of the radius, and this is so because we 
live in a space of three dimensions. In effect, then, the fact that the ex¬ 
ponent —2 is an integer is directly associated with the fact that the dimen¬ 
sionality of space is an integer. 

(e) From this interpretation of Coulomb’s Law (the divergence is zero), 
from a similar, inverse square, electromagnetic law due to Andr6 Marie 
Ampfere (1822), and from other experimental results, James Clerk Maxwell 
was led to the electromagnetic wave equations in 1865. While the dependent 

* He even suggested the possibility that the soul of Pythagoras may have migrated 
into his own. 
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and the independent variables here are both continuous, we shall see that 
in some respects the number of independent variables, 4, and of dependent 
variables, 6, is more fundamental. We will pick up this thread presently. 

(f) Proust’s Law of Definite Proportions (1799) and Dalton’s Law of 
Multiple Proportions (1808) in chemistry directly imply an Atomic Theory 
of matter. The integral ratios in the second law exclude any other inter¬ 
pretation. Further, it appears that chemical affinity involves integers 
directly, namely the valence of the elements. 

(g) In exact analogy, Lisle’s Law of Constant Angles (1772) and Haiiy’s 
Law of Rational Indices (1784) for crystals directly imply that a crystal 
consists of an integral number of layers of atoms. Again, the integral ratios 
in the second law exclude any other interpretation. Further, there is a 
direct relationship between number and form, e.g., the six-sided symmetry 
of frozen H 2 0. 

(h) The ratio of the two specific heats of air is 7/5 and of helium is 5/3. 
While the (New Pythagorean) phenomenological theory (thermodynamics) 
cannot explain these integral ratios at all, the atomic theory (f) explains 
them easily (Boltzmann). By a similar argument Boltzmann explains the 
Dulong-Petit Law for the specific heats of solids. 

(i) Faraday’s Law of Electrolysis (1834) states that the weight of the 
chemical deposited during electrolysis is proportional to the current and 
time. If chemical weight is atomic, from (f), then this law implies that 
electricity is also atomic. Such electric particles were called electrons by 
Stoney (1891). We will pick up this thread presently. 

(j) In 1814 Joseph von Fraunhofer invented the diffraction grating. A 
glass plate is scratched with a large number of parallel, uniformly spaced, 
fine lines. This integral spacing produces an optical spectrum, since parallel 
light of a given wavelength, shining through the successive intervals on 
the glass, will be diffracted only into those directions where the successive 
beams have path lengths that differ by an integral number of wavelengths. 

(k) The simplest spectrum is that of hydrogen. The wavelengths of its 
lines have been accurately determined, (j). In 1885 Balmer found that these 
wavelengths are expressible by a simple formula involving integers. 

(l) Pieter Zeeman (1896) discovered that the lines of a spectrum are 
altered by a magnetic field, and H. A. Lorentz at once devised an ap¬ 
propriate theory. The radiating atoms (f) contain electrons (i) whose 
oscillations produce the spectrum by electromagnetic radiation (e). The 
frequency of the oscillations (and therefore also their wavelength) is 
changed by the action of the magnetic field upon the electrons. 

(m) From Maxwell’s Equations (e) and thermodynamics, Ludwig 
Boltzmann (1884) derived Stefan’s Law of Radiation (1879). This states 
that a blackbody radiates energy at a rate proportional to the fourth power 
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of its absolute temperature. We note that although electromagnetism and 
thermodynamics are both theories of continua (New Pythagoreanism) the 
real point of the law is the exponent . Here again the exponent 4 is said to 
be exact and, in fact, even a casual examination of Boltzmann’s derivation 
shows that this exponent equals the number of independent variables in 
the wave equation—the three of space and one of time. Just as 2 = 3 — 1 
in (d), so does 4 = 3 + 1 here. 

(n) But this Boltzmann theory involving continua (m) and his other 
theory (h) involving atoms contradict experiment when combined theo¬ 
retically. Thus if electromagnetic radiation is produced by oscillating 
electrons (1), the statistical theory of equilibrium which Boltzmann de¬ 
veloped for (h) does not imply Stefan’s Radiation Law (m). It implies 
instead the so-called Rayleigh-Jeans Law, which does not agree with 
experiment, and in fact asserts that an infinite amount of energy will be 
radiated 1 In plain language this erroneous law implies that equilibrium is 
not possible at temperatures above absolute zero. 

To save the situation, that is to preserve both Stefan’s (m) and Lorentz’s 
(1), Max Planck (1900) found it necessary to assume that the energy was 
not radiated continuously but discretely in quanta. He gives 

E = hv 

where E is the energy of the quantum, v is its frequency, and h is a con¬ 
stant. It is interesting to note that this Planck constant h enters into a 
related radiation law (Wien’s Displacement Law) in the form of a ratio , 
k/h, where h is the Boltzmann constant. Just as h is a measure of the energy 
per quantum , so ft is a measure of the energy per atom. The ratio k/h is 
determined experimentally. If atoms are “small,” then so are quanta 
“small,” but if matter is not continuous—that is, if k > 0—then neither 
is energy continuous, since h > 0. 

But Planck was a New Pythagorean and did not like his (discrete) 
quanta. He sought for years to circumvent his own (fundamental) dis¬ 
covery. But the logic is clear. Just as discrete matter implies discrete 
electricity in (i) so does discrete matter imply discrete energy here—for 
the ratio may be determined experimentally in either case. 

(o) Einstein accepted quanta “heuristically” and in 1905 he used them 
to explain photoelectricity. 

(p) In the same year, but in quite a different vein, he also developed 
relativity. The Michelson-Morley experiment (1887) had suggested that 
Maxwell’s Equations (e) must remain invariant to observers traveling 
with different velocities. The consequences of such an assumption are that 
time and space are no longer absolute and distinct, but are related by the 
Lorentz Transformation. In the hands of H. Minkowski (1908) this led to 
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the four-dimensional space-time continuum. In this theory particular 
importance is attached to vectors with four components. One such vector 
is a space-time displacement. Another, which we will need soon, is the 
momentum-energy vector, three components of momentum and one of 
energy. A skew-symmetric tensor in this four-dimensional world has six 
components—four things taken two at a time. The most important ex¬ 
ample is the electromagnetic field—three components of electric field, and 
three of magnetic. 

(q) This recalls the fact that the Pythagoreans also considered four to 
be especially important. Thus (they say), the soul is related to fire, and 
fire, as we indicated before, is a tetrahedron, and a tetrahedron has both 
four vertices and four faces, and is the smallest regular polyhedron. The 
reader may well consider that we should hastily stow this back in the 
closet—and lock the door. But we have our purpose, and since we have 
raised the point let us examine it for a moment. 

The Pythagoreans say that a point is of no dimension, two points form 
a line, three points a surface, and four a solid. A tetrahedron has two 
special properties: it is the smallest polyhedron, and it has the same num¬ 
ber of vertices and faces (i.e., it is self-dual). Both properties follow from 
the fact that its number of vertices is one more than the dimensionality 
of space. Let us admit, then, that four is important to Pythagoras for the 
same simple reason that it is important to Einstein, Minkowski, Stefan 
and Boltzmann: 4 = 3 + 1. 

But why should fire be a tetrahedron? The reader knows that the spec¬ 
tacular part of fire is the radiant heat and light, and that this is electro¬ 
magnetic, and that the six components of this field are obtained by taking 
the four dimensions of space-time two at a time (p). So likewise the six 
edges of the tetrahedron join the four vertices two at a time, and also are 
the intersections of the four faces two at a time. But we do not insist upon 
it. If the reader can find a more fitting regular polyhedron for fire let him 
do so. We now close the closet and return to experimental facts. 

(r) A most important discovery, and one which is very instructive for 
our present investigation since it combines New and Old Pythagoreanism, 
is MendeleefTs Periodic Table of the chemical elements (1869). If the 
elements are listed in order of their atomic weights (f), then chemical, 
spectroscopic, and some other physical similarities recur periodically. But 
there were many imperfections and many questions arose. Tellurium 
weighs more than iodine. But if placed in the table in that order these 
elements clearly fall into the wrong groups. Again, the position of the rare 
earths and the numerous radioactive decay products was not clear. The 
rare gases were entirely unanticipated. Further, the table is not strictly 
periodic but has periods of length 2, 8, 18, and 32. Why these periods 
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should all be of the form 2 n 2 was not clear. Indeed, how could it be—for 
what can mere weight have to do with these other properties? 

(s) In 1911 C. G. Barkla found, by x-ray scattering, that an atom con¬ 
tains a number of electrons approximately equal to one-half of its atomic 
weight. 

In the same year E. Rutherford found, by alpha particle scattering, that 
the (compensating) positive charge, and with it most of the mass, was con¬ 
centrated at the center of the atom. This positive charge was about one- 
half of the atomic weight. There followed Rutherford’s theory of the atom— 
a miniature “solar” system with the light, negatively charged electrons 
bound to the heavy, positively charged nucleus by inverse square Coulomb 
forces (d). 

(t) In 1913 Niels Bohr assumed that the hydrogen atom had this 
(simplest) Rutherford structure (s)—one proton as a nucleus and one 
electron as a satellite. With the use of Planck’s E = hv, (n), he deduced 
the Balmer formula (k) with great precision. However, he had to assume 
that the electron could have a stable orbit only if its angular momentum 
were an integral multiple of h/2ir. That is, 

mvr = nh/2ir 

with m the electron’s mass, r the orbit’s radius, v the electron’s velocity, 
and h Planck’s constant. The integer n, the principal quantum number , 
made no sense in the New Pythagorean theories then in vogue, but its 
acceptance was forced by the remarkable accuracy of the theory’s pre¬ 
dictions.* 

(u) 1913 was a good year for Old Pythagoreanism. Soddy and Fajans 
found that after radioactive emission of an alpha particle (charge +2) the 
resulting element is two places to the left in the periodic table, whereas 
emission of a beta particle (charge — 1) results in a daughter element one 
place to the right. Together with the earlier results in (s) this Displacement 
Law makes it clear that atomic number , not atomic weight, is the important 
factor. This integer is the positive charge on a nucleus, the equal number 
of electrons in that atom, and the true place in the table of elements. This 
was explicitly stated by van den Broek and rapid confirmation was ob¬ 
tained by Moseley (w). 

(v) In 1912 von Laue made the very fruitful suggestion that a crystal 
(g) would act like a diffraction grating (j) for radiation of a very short 
wavelength. 


* While Niels Bohr was applying numbers to the analysis of spectra, his brother, 
Harald Bohr, was applying a generalized spectral analysis (almost periodic func¬ 
tions) to the analysis of number (prime number theory). 
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(w) Henry Moseley (1913) used von Laue’s suggestion (v) to measure 
the (very short) wavelengths of x-rays. Optical spectra, like chemical 
behavior, are due to the outer electrons in an atom, and thus have a periodic 
character. But x-ray spectra are due to the inner electrons, and these 
electrons are influenced almost solely by the charge on the nucleus. 
Moseley’s photographs show a most striking monotonic variation of the 
x-ray wavelengths with atomic number. 

Atomic number at once cleared up most of the difficulties in (r). But 
what about 2 n 2 ? 

We note in passing a remarkable neck-and-neck race of x-rays and radio¬ 
active radiation: 


X-Rays Radioactivity 

Discovery.1895 Roentgen 1896 Becquerel 

Atomic Structure.1911 Barkla 1911 Rutherford 

Atomic Number.1913 Moseley 1913 Soddy 


(x) In 1923 L. de Broglie applied relativistic invariance of four-vectors 
(p) to Planck’s E — hv , (n). The energy E and the time associated with 
the frequency v are merely single components of two four-vectors. The 
remaining three components of momentum and of space, respectively, 
(p), must be similarly related. Thus a particle of momentum mv should 
have a (de Broglie) wavelength A given by 



mv 


When this is applied to Bohr’s 


one obtains 


mvr = nh/2r 


nX = 2irr. 

Thus the matter wave has exactly n periods around the circumference of 
the orbit and the interpretation of the electron’s stability is that it con¬ 
stitutes a standing wave. 

(y) This conception was refined in the Schroedinger Wave Equation 
(1926). Here there are three quantum numbers n , l , and m corresponding to 
the dimensionality of space. In polar coordinates the wave functions cor¬ 
responding to l and m are spherical harmonics—no, not Harmony of the 
Spheres—but very close to it. It further develops that the integer l can 
equal 0, 1, 2, • • • , n — 1 while m can equal — l, — l + 1, • • ■ , l — 1, l. 
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For n — 4, for example, we have 16 possible states: 


values of m 


3 

2 

I 

0 

2 

1 

0 

-1 

1 

0 

-1 

-2 

0 

-1 

-2 

-3 

T 

T 

t 

T 

0 

l 

2 

3 


Gnomons! 

(z) But a fourth quantum number was already waiting. In 1925 Uhlen- 
beck and Goudsmit discovered the spin of the electron. This gives rise to a 
fourth number s which can take on two possible values. When this fourth 
coordinate is added, with its astonishing rounding out of the little “solar” 
system by rotating the “planets” and thus simulating time, we obtain the 
2 n 2 states which correlate with the periods in the periodic table. But we 
must distinguish—and also associate-—two different “harmonies” here. 
In one atom an electron can go from state to state; thus giving rise to the 
spectrum. This is the first “harmony.” On the other hand, as we go through 
the periodic table, adding one new electron each time, the new electrons 
will also take on these distinct quantum states according to the Pauli 
Exclusion Principle (1925). This gives rise to the periodic table—the 
second “harmony.” 

Before the rare gases were discovered it seemed as though the (lighter) 
elements in the periodic table had a period of 7, not 8, and Newland (1864) 
called this the Law of Octaves. He was an Old Pythagorean, but he lacked 
the facts. 

If we thought it necessary to strengthen the case we could continue and 
discuss isotopes (Soddy); hc/2ire 2 = 137 (Eddington); “magic” numbers 
(Mayer); “strangeness” numbers (Gell-Mann); etc. It is not a coinci¬ 
dence, for example, that the three nuclei which are fissionable with slow 
neutrons, U 233 , U 235 , and Pu 239 , all contain an even number of protons and 
an odd number of neutrons. 

However it is not our purpose to write a history of science. We asked 
whether there is a case for Old Pythagoreanism. We conclude that there is 
—and a strong one. Henceforth we shall call it Pythagoreanism. 

Exercise 104. Draw a diagram showing the historical-logical structure 
of the discoveries (a) to (z) discussed above. 
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46. Three Greek Problems 

We now return to number theory and consider three problems which are 
immediately suggested by (the troublesome) Theorem 56. We recall that 
this theorem stated that the equation 

c = 2 a 2 (166) 

has no solution in positive integers. The first problem is that of generalizing 
this theorem. While the y/2 is encountered in a 45° right triangle (one- 
half of a square), the V§ is similarly encountered in a 30°-60° right tri¬ 
angle (one-half of an equilateral triangle), and the corresponding equation 
is 


c 2 = 3a 2 . (167) 

Equation (167) again has no solution in positive integers, or, we may say, 
the is irrational. 

Plato states that Theodorus the Pythagorean (ca. 400 b.c.) showed 
that a/§, a/5, a/6, \/7, a/8, \/l0, a/TT, a/12, \/l3, \/l4, a/15, and y/V7 
were all irrational, “beyond which for some reason he did not go.” The 
implication is that Theodorus had no general approach to the problem. 
With the use of the unique factorization in Theorem 7, however, it is very 
easy to prove the more general 

Theorem 57, The equation 


c n = Na n (168) 

has no solution in positive integers unless N is the nth power of an integer. 
Proof. If c and a are written in standard form: 

C = Pl ai P r ■■■ , o = SxV 2 •' • 

we see that c n , a n , and thus also c n /a n , have all the exponents in their 
standard factorizations divisible by n. Therefore N = c n /a n is an nth 
power. 

There are many deeper solved and unsolved problems concerning irra¬ 
tional and transcendental numbers, but it would be digressive to discuss 
them now. 

The second problem arises by modifying Eq. (166) to read 

c 2 - 2a 2 = ±1. (169) 

The motivation is clear. The right side of Eq. (169) cannot be replaced by 
zero. To best approximate an isosceles right triangle we seek sides a, 
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and “diagonal” c, with the right side of Eq. (169) having the smallest 
magnitude possible. The corresponding isosceles triangle approximates a 
right triangle and the ratio c/a is a rational approximation of the y/2. 

It is interesting that the opposite strategy leads to (essentially) the 
same problem. Let the triangle be a right triangle whose (integral) sides 
differ by as little as possible, that is, let b = a + 1 in Eq. (162). Then 
from a + b 2 — c = 0 we have 

2a 2 + 2d + 1 - c = 0 or 

(170) 

(2d + l) 2 — 2c 2 = — 1. 

We therefore require a solution of Eq. (169) with c odd (= 2a + 1), 
a = c, and — 1 on the right. 

The Pythagoreans knew at least some of the solutions of Eq. (169). 
But Theon of Smyrna (ca. a.d. 130) gave 

Theorem 58. Let the “side” and “diagonal” numbers a n and c n be de¬ 
fined by 


and 1 in general , 


a l = 1, 
a% — 2 , 
a 3 = 5, 

a n +1 ~ a n T“ o n , 


ci = 1 ; 

C 2 — 3; 

Cz = 7; 

Cn+l ~ “f“ C n . 


Then 

Cn — 2a n 2 = (- 1 )”. 

Proof. From Eq. (171) 

Cn+i 2a n +i = (2a n Cn) 2(a n -f - c n ) 

o 2 2 

2a n Cn 


= -(c n 2 - 2o„ 2 ). 


(171) 

(172) 


Since c? — 2aj 2 = — 1, Eq. (172) follows by induction. 

Several comments are in order. Equation (171), in fact, gives all the 
solutions of Eq. (169), but that has not yet been demonstrated. The 
source of the solution Eq. (171) is not indicated here but will be revealed 
later. Finally we note that the right triangles obtained by Eq. (170), 
from the side and diagonal numbers for n odd (and >1), are given by 
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the triples: 


(3, 4, 5); (20, 21, 29); (119, 120, 169); etc. 

These agree with the Pythagorean sequence, Eq. (163): 

(3, 4, 5); (5, 12, 13); (7, 24, 25); etc., 
only in the first triangle. 

Theorem 58 has an important generalization but some modification is 
necessary. For example, if we replace 2 by 3 in Eq. (169) and choose the 
negative sign: 

c 2 - 3a 2 = -1 (173) 

we obtain an equation with no solution. That is clear since it implies 
c = — 1 (mod 3), and we know that is impossible. But if we choose the 
plus sign and if N is not a square, the equation 

c 2 - Na 2 = 1 (174) 

always has infinitely many solutions. This important theorem of Fermat 
we postpone until later. 

If N = 3, we have 

C 2 - 3a 2 = 1 (175) 

and, while Eq. (173) is impossible, 

C - 3 a 2 = -2 (176) 

is not. In his famous Measurement of a Circle Archimedes obtains 

3t > x > 34 t 

and in deducing these inequalities he uses 


1351 
780 > 


a/3 > 


265 

153* 


The reader may verify that these good approximations to a/3, (call them 
c/a), satisfy Eqs. (175) and (176) respectively, so that Archimedes knew 
at least some solutions of these equations. 

Exercise 105. From one of these Archimedean approximations to the 
V3, and by an approach similar to Eq. (170), deduce the fact that (451, 
780, 901) gives a right triangle which is approximately 30°-60°. 

The last exercise, and the two series of Pythagorean numbers given 
above, suggest the third problem—that of finding all solutions of 

a +6 = c . 
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This is solved by 

Theorem 59. If a, b, and c are positive integers which satisfy 

a 2 + b 2 = c 2 , (177) 

it is sufficient if they are given by 

a = s(2uv), b = s{u-v), and c = s(u + v), (178) 

with u> v, and Eq. (178) is also necessary providing we are willing to inter¬ 
change the formulae for a and b if this is necessary. 

Comment: The sufficiency was given by Euclid, Book X, Prop. 28, 29, 
but was known to the Babylonians more than 1,000 years earlier (see 
page 121). 

Proof. Since 

(2 uv) 2 + (a 2 - » 2 ) 2 = (a 2 + v 2 ) 2 

is an identity, the sufficiency of Eq. (178) is obvious. Suppose (a, b) — s 
in Eq. (177). Then s|c and let a = sA,b = sB, and c = sC. Then 

A 2 + B 2 = C 2 (179) 

with A, B, and C all prime to each other. A and B are not both odd, for 
H so A 2 + B 2 = C 2 is of the form 4 m + 2, and this is impossible. Nor are 
they both even, since (A, B) = 1. Without loss of generality let A be even 
and B be odd, and therefore C is odd. Then 


(A\ 2 _C - B C + B 

\2 / 2 2 


(180) 


But (C + B)/2 and ( C — B) / 2 are prime to each other, for, if not, their 
sum C and difference B would not be either. By Theorem 7 and Eq. (180), 
(C + B) /2 and (C - B) /2 are therefore squares, say u and v . 

Therefore 

A = 2uy, B = u — v 2 , and C = a 2 + v 2 . (181) 


Then Eq. (178) follows. 

Corollary. All Pythagorean numbers 

A 2 + B 2 = C 2 

with A, B, and C prime to each other, and with A even, are given by Eq. (181) 
where a and v are prime to each other, one being odd and one even. These 
triples are called primitive triangles. 
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The 12 smallest primitive triangles listed according to hypothenuse are: 


A 


B 


C 


u 


V 


\ A — B\ 


4 

12 

8 

24 

20 

12 

40 

28 

60 

56 

16 

48 


3 

5 

15 

7 

21 

35 

9 

45 

11 

33 

63 

55 


5 

13 

17 

25 

29 

37 

41 

53 

61 

65 

65 

73 


2 

3 

4 

4 

5 

6 

5 
7 

6 

7 

8 
8 


1 

2 

1 

3 
2 
1 

4 
2 

5 
4 
1 
3 


1 

7 

7 

17 

1 

23 

31 

17 

49 

23 

47 

7 


Exercise 106. In how many primitive triangles is 85 the hypothenuse? 
What about 145? 

Exercise 107. If u 0 and v 0 are prime to each other and both odd, show 
that the A, B, C obtained from Eq. (181) equal 2 B\ 2A', 2C for some 
primitive triangle: A', B\ C'. Determine the u and v for this triangle in 
terms of u 0 and v 0 . 

47. Three Theorems of Fermat 

Just as Theorem 56 led the Greeks to the three problems discussed above, 
so did Theorem 59 lead Fermat to three important theorems. Each of 
these, in turn, led to an important branch of number theory. We will prove 
none of these theorems in this section but will state all three—in a survey 
fashion. 

Perhaps the most important is 

Theorem 60. Every prime of the form 4 m + 1 is the sum of two squares 
in a unique way. 

Examples : 

5 = l 2 + 2 2 , 17 = l 2 + 4 2 , 37 = l 2 + 6 2 , 

13 = 2 2 + 3 2 , 29 = 2 2 + 5 2 , 41 = 4 2 + 5 2 . 

This theorem, which had already been stated by Girard several years 
earlier, is, of course, suggested by the third column of the foregoing table 
and the formula C = u + v. In example (h) of Theorem 48, page 106, 
we have seen that if C is prime it is of the form 4m + 1. But to prove 
Theorem 60 we need the (harder) converse and also the uniqueness. The 
theorem is rather surprising, since primality is a purely multiplicative 
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concept. What can primality have to do with a sum of squares? We will 
return to this point and theorem. 

With Eqs. (170) and (171) we obtained infinitely many primitives with 
| A — B | =1. The column \ A — B \ above has familiar looking numbers, 
from our studies of the factors of M v , and suggested to Frenicle and Fermat 
that every prime of the form 8 m d= 1 is the difference of the legs of in¬ 
finitely many primitive triangles. Since 

| A — B | = \(u — v) 2 — 2v | 

the implication is that every prime p of the form 8m ± 1 can be written as 

dtp = x — 2y 

in infinitely many ways. Together with Theorem 60 we are led to consider 
the numbers 

x 2 + Ny 2 

for every integer N. This brings us to an extensive subject—that of binary 
quadratic forms . We may note that while perfect numbers and periodic 
decimals lead to quadratic residues only at a deeper level, with Pythagorean 
numbers they arise at once. For if a prime p is given by 

p = x 2 + Ny 2 , 

then, since (y, p) = 1, we have 

(y~ l x) = \ /—N (mod p). 

It is interesting to note that the two square roots which were most frui tful 
historically in forcing an extension of the number system, namely \/—l 
and \/2, were also those which arose earliest in these binary quadratic 
forms, x 2 + Ny 2 . 

Further examination of the column C raises other questions. The hy¬ 
po thenuse 65 arises twice: 

65 = 7 2 + 4 2 = 8 2 + l 2 . 

In how many ways is an integer a sum of two squares? 

And, of course, some numbers cannot be written as sum of two squares. 
But, of these, some are a sum of three squares, and some of four. Thus 

14 = 9 + 4 + 1; 7 = 4 + 1 + 1 + 1. 

Following an earlier statement by Bachet, Fermat proved 

Theorem 61. Every positive integer n is expressible as 

n = w + x + y -r z 

where w , x, y , and z are integers , positive or zero . 


( 182 ) 
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Like Theorem 60, Theorem 61 is rather surprising, and rather hard to 
prove. Euler was unable to prove it although he worked on it for years. 
Through its generalization, Waring’s Problem, it became a major source 
of additive number theory. A sketch of a proof of Theorem 61 is given in 
Exercises 31S-33S, on page 209. The first published proof is due to La¬ 
grange. 

From a sense of symmetry the reader probably can guess what comes 
next. If a sum of two squares leads us to consider a sum of four squares 
on the one hand, it should also lead us to consider a sum of two fourth 
powers on the other. In the foregoing table either A (as in 4, 3, 5) or B 
(as in 40, 9, 41) may itself be a square, but not both simultaneously. This 
result is closely related to an impossible problem of Bachet—to find a 
Pythagorean triangle whose area is also a square. (We may call this the 
problem of “squaring the triangle”—in integers.) This problem may be 
shown to imply the following condition: 

a 4 - 6 4 = c 2 . (183) 

Fermat proved Eq. (183) impossible, and similarly he proved 

Theorem 62. The equation 

a 4 + b 4 = c 2 (184) 

has no solution in positive integers. 

Corollary. The equation 

a +b 4 = c 4 (185) 

has no solution in positive integers. 

Proof of the Corollary. A fourth power is a square. 

We will prove Theorem 62 later. The corollary is in striking contrast 
with Theorem 59 where there are infinitely many solutions. The corollary 
is the only easy case of Fermat’s Last “Theorem.” We will consider this 
celebrated conjecture in the next section. While it is sometimes stated to 
be an isolated problem—of no special significance—it was, in fact, one of 
the main sources of algebraic number theory. 

48. Fermat’s Last “Theorem” 

It is well known that Fermat wrote that he had “a remarkable proof” of 

Conjecture 16. The equation 

a n + 5" = c 

has no solution in positive integers if n > 2. 


( 186 ) 
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The Corollary of Theorem 62 is, of course, the case n = 4. The reader 
probably knows that no general proof has been found, although “it has 
been attempted by Euler, Legendre, Gauss, Abel, Dirichlet, Cauchy, 
Kummer,” etc.; that Paul Wolfskehl, a wealthy German interested in 
number theory, offered a reward of 100,000 marks in 1908; that Hugo 
Stinnes, a wealthy German not interested in number theory, helped bring 
on the German Inflation in the 1920’s and thus (incidentally) reduce the 
value of this prize considerably; and that (nonetheless) much further 
effort has been expended by thousands of professionals and amateurs with 
no conclusive result. According to Professor Mordell, there are easier 
ways to make money than by proving Fermat’s Last Theorem. 

We will first give an interesting approach which makes the conjecture 
plausible. The reader knows that if g(x) is a rational function of x, 

/ g(x) dx 

is integrable in terms of elementary functions—that is, a finite combination 
of algebraic, trigonometric and exponential functions together with their 
inverses. Or, again, say, 

J Vl — Z 2 dx (1S7) 

is so integrable. But 

/ VT=T<dx (188) 

is not elementary—it is an elliptic integral. 

Chebyshev has proven that if U, V , and W are rational numbers, then 

f x v {A + Bx r ) w dx (189) 

is integrable in terms of elementary functions if and only if 

F±2 , or W, or ^-±-1 + W (190) 

is an integer. In Eq. (188) we have A ~ —B — 1, TJ = 0, V = 4, and 
W — j. But neither }, nor §, nor f is an integer. 

If in Theorem 59 we set x = a/c and y — b/c and t = v/u we find that 
all rational solutions x and y of 

2.2 -I 

X + y = 1 
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are given by 


x 


2 1 

1 + t 2 


and 


1 - t 2 
1 + f 


( 191 ) 


where t is an arbitrary rational number. 

Now, in Eq. (186), let us similarly write x = a/c and y = b/c and 
generalize the exponent n to be any rational number Jc. Thus 


x k + y k = 1- (192) 

We now ask, following the example of Eq. (191): Are there rational func- 
tions 


x = f(t) and y = g(t) 

such that Eq. (192) is satisfied identically? 

If k = 1/q, for q a nonzero integer, the answer is yes, since we may set 

x — t q and y = (1 — t) q . 

And, if ft = 2/q the answer is yes, since we may set 



But for any other rational number ft no such rational functions exist. 
For consider y = (1 — x k ) llk and the integral 

/ (1 — x k ) Vk dx = / ydx. (193) 

If x = /(0> an( I y — g(t)> by the change of variable x = f(t) the integral 
becomes 


and since this integrand is a rational function, the integral is elementary. 
But, by Eqs. (189), (193) and (190), we must have 

1 1 2 
ft ° r ft 0I * ft 

an integer, say q. Therefore we must have 

ft = 1/q or ft = 2/q 

and this condition is not only sufficient, but also necessary. In particular 

ft 9^ 3, 4, 5, • • • . 
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Now it is clear that if k could be an integer >2, Eq. (192) would have 
infinitely many rational solutions (by choosing any rational t) and thus 

k t jk k 

a “t b = c 

would have infinitely many integral solutions. But although Eq. (192) is 
not solvable in rational functions, this does not preclude, at least according 
to any known argument, a solution in terms of rational numbers. Although 
the existence of such rational functions would disprove Conjecture 16, 
their nonexistence does not prove it. The approach here is therefore only 
suggestive—it proves nothing about Conjecture 16, but it does show the 
special role of n = 1 and n = 2. 

Three comments of general mathematical interest are these. 

(a) The use of the transformations, Eq. (191), for rationalizing in¬ 
tegrands involving y = \/l — x 2 is well known to calculus students. We 
see here the intimate connection with Pythagorean numbers. 

(b) The reader notes that we have not previously used methods in¬ 
volving functions and integration, and may well ask, “What have these 
to do with number theory?” The question is well taken and in fact it may 
be stated that here, at least, the influence really goes in the opposite direc¬ 
tion. The proof of Chebyshev’s result, Eq. (190)—see Ritt, Integration in 
Finite Terms , Columbia University Press, 1948, p. 37—is based on certain 
characterizations of the algebraic functions x u (A + Bx v ) w in terms of 
integers —namely, the number and order of the so-called branch points. 
It is not so much that algebraic functions have number-theoretic implica¬ 
tions as that numbers have functional implications. 

(c) We are impressed here with the fact that although Conjecture 16 
has so far resisted all attempts at proof, the analogous theorem in terms 
of functions is relatively easy. There are other examples of this phenomenon 
in number theory. For example, there is a theorem analogous to Artin’s 
Conjecture 13 which concerns functions, not numbers, and this has been 
proven by Bilharz. It would take us too far afield to elaborate. 

49. The East Case and Infinite Descent 

To prove Conjecture 16 it would clearly suffice to restrict the variables 
in 

a n + b n = c n (n > 2) 

as follows: 

(A) a, b , and c are prime to each other, and 

(B) n = 4 orn = p, an odd prime. 
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For if (a, b) = s > 1 we may proceed as on page 141 in the proof of The¬ 
orem 59, and if n 4 or p, it equals 4 k or pk for some k > 1. But 

a + b = c 

is then impossible if 


(a*) 4 + {b k Y = (c k y 


and 


(a k ) p + (b k ) p = ( c k ) p 

are impossible. 

The only easy case is n = 4, and therefore also n = 4k. The impossibility 
of this case we now prove. The proof is similar to that which Fermat gave 
for Eq. (183), and this latter proof is noteworthy in two ways: 

(A) Of all Fermat's theorems this is the only one for which his proof is 
known. 

(B) The proof uses “infinite descent," a method Fermat recommended 
highly, which he used both for negative propositions such as Theorem 62, 
and with some modification, for positive propositions such as Theorem 60. 

Proof of Theorem 62. Assume 

A 4 + B 4 = C 2 (194) 

where A, B, and C are prime to each other, and, without loss of generality, 
let A be even. Then, by Theorem 59, Eq. (181), we have 

A 2 = 2uv, B 2 = u — v‘ 2 , and C = u + v 

with u prime to v. Then B 2 + v = u , and since B is odd, v is even. Thus 

v — 2rs and u = r 2 + s 


with r prime to $. Since 

A 2 = 2 uv — 4rs(r 2 + s 2 ), 

by Theorem 7, r, s, and u = r 2 + s 2 must all be perfect squares. Let 
r = a 2 , s = /3 2 , and u — y 2 . 


Then 

4 l /O 4 2 

a + = y 


(195) 


with y S u < C. 

Given a solution, Eq. (194), we could thus find a second solution, Eq. 
(195), whose right side is smaller. But this implies an infinite sequence 
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of positive integers 

C > 7 > 7i > 72 > • * > 0. 

Since this infinite descent is impossible, there is no solution. 

We now analyze this proof for any light it may throw on Conjecture 16, 
and note three features: 

(A) The proof leans heavily on Theorem 59, but this is possible only 
because 4 = 2*2 and thus is not extendable to odd exponents. 

(B) As in Theorems 56, 57 and 59, the unique factorization of Theorem 
7 plays an important role—in distinction to, say, Chapter II, where the 
“Fundamental” Theorem was hardly used at all. We should expect unique 
factorization to be important for Conjecture 16. 

(C) The infinite-descent strategy, like point B, is not peculiar to n = 4, 
and we may expect it to be useful for Conjecture 16. 

Despite its rather exotic name it should be noted that infinite descent 
is essentially the Well-Ordering Principle , i.e., every nonempty set of 
positive integers contains a smallest member. As is well known, this prin¬ 
ciple is equivalent to the principle of induction—and thus is the most 
characteristic of all the laws concerning the integers. The reader may note 
that in the proof of Theorem 7 itself (page 6), and of the underlying 
Theorem 5 (page 9), the Well-Ordering Principle is used several times. 

50. Gaussian Integers and Two Applications 

To attempt Conjecture 16, the analysis above suggests that we utilize 
points B and C there while dropping point A. We introduce this possibility 
by returning first to the paradox raised on page 143. Given a prime p of 
the form 4m + 1, and given, by Theorem 60, 

p = a+b\ (196) 

we repeat, “What has the multiplicative concept of primality to do with a 
sum of two squares?” We can write Eq. (196) in a purely multiplicative 
manner: 


p = (a + hi) {a — hi) (197) 

where i = a/— T and p is a product of the two complex factors. This is a 
rather ironic solution of the paradox, since in terms of these factors p is no 
longer a prime! 

Definition 38. Gaussian integers are numbers of the form a + fcz, where 
a and b are integers. 

Examples : 


2 + 3 i, 


4 - 7 i, 


—2i, 7 
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We will give only a brief sketch of these integers. The sum, difference, 
and product of two Gaussian integers are Gaussian integers, but 

a -|- bi\c H - di 

only if there is an e + ft such that 

(a + bi) (e + fi) = ( ae — bf) + (af + be)i = c + di. 

That is, the e and / obtained by solving ae — bf = c and af + be = d 
must both be integers. A unity is a divisor of 1, namely, 1, — 1, i, or —i. 
Two numbers are associated if their ratio is a unity. A prime is not a unity, 
and is divisible only by associates of 1 and of itself. Prime to each other 
means having no common divisor other than a unity. 

Consider all ordinary integers, positive, negative, and zero. Let +1 and 
— 1 be the unities. Let a and —a be associated, and let 

±2, ±3, d=5, etc. 

be the primes. The fundamental theorem (Theorem 7) may be extended 
to all integers as follows: 

Theorem 63. Each integer not zero or a unity can be factored into a product 
of primes which is unique except for a possible rearrangement , and except 
for a possible substitution of associated primes. 

Example : 


-15 = 3(—5) - 5(—3), etc. 

Now we state, without proof, that Theorem 63 is also true for Gaussian 
integers. Assuming this, we will give two applications. 

Partial Proof of Theorem 60. On the basis of this unique factori¬ 
zation we will show that every p = 4m + 1 is a sum of two squares. Since 
(— 11 p) = 1 there is an s such that 

p\s 2 + 1. 

Let the quotient be q and 

pq = s 2 + 1 = (s + i)(s — i). 


Now p cannot be a Gaussian prime, for if it were, by the unique factoriza¬ 
tion of s 2 + 1, we would have p|$ + i or p\s — i. Since neither quotient 
is a Gaussian integer, p is not a Gaussian prime. But it is not divisible by 
a real prime. Therefore 


a + bi\p 
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for some a and b. Since p is real the quotient must be c(a — hi). Thus 
p = c{a + b 2 ) , and since c must be 1, we have p = a + b 2 . 

Partial Proof that Eq. (183) is Impossible. Assume 

A 4 - B 4 = C 2 , B = 0 (mod 2) (198) 

with A , B , and (7 prime to each other. Then C is odd and 

A 4 = (C + iB 2 )(C - iB 2 ). 

By unique factorization C + iB 2 is associated with a perfect fourth power. 
Assume first that it equals a fourth power or its negative: 

C + iB 2 = (D + iE) 4 or = — (E + lD) 4 . 

Then 

B 2 = 4DE(D 2 - tf 2 ), ±C = D 4 — §D 2 E 2 + E 4 . 

Since Z>, and D 2 - E 2 are prime to each other they are perfect squares. 
Let D = a 2 , E = and D 2 — E 2 = y 2 . Then 

a 4 — fi 4 = 7 2 , (198a) 

and, since 4/3 2 |£ 2 , < B. Since C is odd, Z) and # are not both odd. And, 

since D 2 — E 2 is a square = 4m + 1, we must have E and therefore ft even. 
Finally, C + iB 2 ^ ±i(D + iE) 4 , since equality here implies that C is 
even. Then, by infinite descent, from Eq. (198a) and fi = 0 (mod 2), Eq. 
(198) is impossible. 

By a somewhat similar approach, using a generalized unique factoriza¬ 
tion, and infinite descent, we now examine Conjecture 16. 

Exercise 108. Show that Bachet’s problem (page 144) is equivalent 
to Eq. (198) and therefore impossible. 

51. Algebraic Integers and Kummer’s Theorem 

We generalize Gaussian integers and sketch the following. A root z of a 
polynomial with integer coefficients is called an algebraic number. The set 
of all numbers 



which are rational functions (with integer coefficients) of z is called an 
algebraic number field, k(z). The numbers of such a field which are roots 
of a polynomial 


w n + 1 + • • • + s = 0 
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with integer coefficients, and leading coefficient 1, are the algebraic integers 
of that field. 

Example : 

The Gaussian integers are the algebraic integers of k(\/— 1) for if a 
and b are ordinary integers, a + bi is a root of 
w 2 - 2 aw + a 2 + b 2 = 0, 

and it may be shown that all other numbers in k(\/ —1) are not roots of 
a polynomial with leading coefficient 1. 

Unities, associated numbers, and primes are defined as before. If Theorem 
63 held for the algebraic integers of any field then Conjecture 16 could be 
shown to follow. 

Assume 

A p + B p = C p (199) 

with A, £, and C prime to each other, and p an odd prime. Let 

P = e 2ni/p (200) 

and we may then factor the left side of Eq. (199) as follows 

(A + B) (A + pB) (A + p 2 B) • • • (A + P p ~ l B) = C p . (201) 
It may be shown that the algebraic integers of k(p) are 
a + bp + cp 2 + * • • + sp p 2 


where a, 6, • • ■ are ordinary integers. 

We have, therefore, as in Eq. (197), turned an additive problem into 
a purely multiplicative problem. 

Now if these algebraic integers had unique factorization we could deduce 
from Eq. (201) that each factor on the left is associated with a perfect 
pth power of an algebraic integer. If this were always true, Fermat's Last 
Theorem would follow. E. E. Kummer, A. L. Cauchy and G. Lame all 
assumed that such uniqueness did exist. However, Dirichlet pointed out 
that this must be proven. In fact, it is not true in general—the first counter¬ 
example being p — 23. To overcome this lack of unique factorization into 
primes, Kummer was led to introduce the important, underlying ideal 
numbers , a development we cannot enter into here. 

With this theory Kummer obtained a proof of Conjecture 16 for many 
prime exponents w. We will state his remarkable result but not attempt to 
prove it, as the proof is long and difficult. 

Definition 39. The Bernoulli number B n is a rational number defined by 
the power series: 



00 


+ X ( — i) 


B n x 2n 
( 2 n)\ ' 


( 202 ) 
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Examples : 




B 3 



Biq 


7709321041217 

510 


Definition 40. A prime p is regular if it divides none of the numerators of 


B\ , B 2 , Bz , * * • , B( P — 3)/2 


when these numbers are written in their lowest terms. Otherwise p is 
irregular. 


Example : 

Since 37|7709321041217, and the larger number is the numerator of 
B u , and 16 g J(37 — 3), 37 is irregular. 

Theorem 64 (Kummer, 1850). Fermat’s Last Theorem is true for every 
exponent which is a regular prime . The only irregular primes up to 100 are 
37, 59, and 67. 

Comments : 

(A) The definition of regular is explicit but complicated; it has no ap¬ 
parent relation to the problem. There is a more basic definition in terms of 
the so-called class number but this is less explicit numerically and would 
take longer to explain. This latter concept is fundamental, but is beyond 
our scope. 

(B) The name “irregular” is really misleading. Although only 3 of the 
first 24 odd primes, 2 < p < 100, are irregular, larger primes are “ir¬ 
regular” more often. Of the 367 primes, 2 < p < 2520, 144 are irregular; 
and of the next 183 primes, 2520 < p < 4002, 72 are irregular. These 
ratios: 


144 

367 


.392 


and 


72 

183 


.393, 


are substantial. 

(C) Other criteria have been found, besides Theorem 64, and applied 
to the irregular prime cases. With the aid of the SWAC, Selfridge, Nicol 
and Vandiver proved that Conjecture 16 is true for all exponents ^4002. 
But with Kummer’s regular primes, and other primes allowed by other 
known criteria, it has not yet been proven that there are infinitely many 
valid prime exponents. 

Before leaving nonunique factorization let us examine a few examples. 
Consider the quadratic fields k(\/N) where, without loss of generality, 
N is quadratfrei. Of the 12 cases, N — — 7, —6, —5, —3, —2, —1, 1, 2, 
3, 5, 6, 7, only in k(x/--5) and V — 6) do the integers not have unique 
factorization. We show two well-known examples. In fc(\/—5), 

21 = 3-7 = (1 + 2V~-5)(1 - 2 v /=: fi) 
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although the four factors here may all be shown to be primes. In k(y/^6) , 
6 = -V- 7 6(V^6) = 2-3 

and again the factors are primes. Finally we note, in passing, that in the 
corresponding two quadratic forms, 

a 2 + 5b 2 = (a + y/^b) (a - y/=5b), 

a + 65 2 = (a + y/ —65) (a — yf — 65), 

if we set a = n and 5 — 1, and consider 

n + 5 and n 2 + 6 

we obtain forms with an exceptionally low density of primes. See the table 
on page 49. This is not a coincidence—the low density is really related 
to the nonunique factorization—but the argument is a long one. 

52. The Restricted Case, Sophie Germain, and Wieferich 

Sophie Germain, a Parisian lady, was a contemporary of Gauss. Since 
the Ecole Polytechnique did not accept women in the school she took corre¬ 
spondence courses. She wrote Gauss after his Disquisitiones appeared 
telling him how much she liked the book. She included some of her own 
discoveries and signed—as talented ladies did in those days—with a 
male pseudonym, “M. Le Blanc.” Gauss was impressed. Only later, under 
interesting circumstances, did he learn that M. Le Blanc was a lady. 
Gauss was astonished and pleased. Henceforth their correspondence was 
not strictly technical; he told her his birthday, etc. 

There is a special case of Conjecture 16 which is substantially easier. 
In this, the restricted case, it is assumed, in 

A p + B p = C p 

that p does not divide A, B, or C. Since it is possible that this case is true 
while Conjecture 16 is false we state it separately. 

Conjecture 17. The equation 

a p + b p = c p 

has no solution in integers not divisible by p. 

The Encyclopaedia Britannica (1960) states erroneously that Sophie 
Germain proved this conjecture; the article should add: fof* p < 100. 
We give a cut-down version of her result. It shows 

(A) How far one can go with very elementary arguments, 

(B) That the restricted case is indeed easier, and 

(C) There is a relation to our Conjecture 5. See pages 30 and 31. 



Pythagoreanism and its Many Consequences 155 


Theorem 65 (Germain, modified). The equation 

A p + B p = C p (203) 

has no solution in integers prime to p if p is an odd prime , and q = 2p + 1 
is also a prime. 

Proof. Assume a solution. We may take A, B , and C prime to each 
other, and since p is odd we may write Eq. (203) symmetrically: 

R p + S p + T p = 0 (204) 

where A = R, B = S, and —C — T. Consider 

S p + T v = (~R) P . 

Both sides are divisible by S + T by Theorem 4 0 on page 17, and since 
p\R, we obtain p\S + T. Now let m = 1 in Theorem 48, page 105, and 
let 


S = x = a and T = —y = — b. 

Since p\S + T = a — 5, by Eq. (141), S + T = x — y is prime to 

_S P + T p _ (-R) p 

2 S + T 'sT~f' 

Therefore, since 

= (5 + n 


both factors on the right are perfect pth powers. Write 


8 + T = r\ 
Similarly, by symmetry, 

T + R = s p , 


R + S — t p , 


Therefore 


S p + T p _ , 
S + T p ’ 


T p + R P _ , 
T + R * 

R v + S p _ p 
R + S T 1 


~R = rp. 

—S = s<r. 
-T = tr. 


(205) 


(206) 


2 R = s p + f - r p . (207) 

Now, by Euler’s Criterion, if q = 2p + 1 does not divide R, S, or T, 
we have 


R P ,S P ,T P all s ±1 (mod q). 
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By Eq. (204) this is impossible. On the other hand, q cannot divide two 
or three of R, S , and T since they are prime to each other. Therefore q 
divides exactly one of them. Let it be R. From Eq. (207) it therefore 
follows similarly that q divides exactly one of r, s, and t , and by Eq. (206) 
it must be r. 

Then, since q | i?, from 

a p (T + R) *= T p + R p 
we have <r p T = T p (mod q), 

or (t p = T p ~ l (mod q). 

Now, since q \ a, 

T p ~ l ^ ±1 (mod <?). 


From Eq. (205), S s= —T (mod q), and therefore, from 


V 


p 


s p _l_ T P 

S + T 


sr 1 


- S*~ 2 T + 


+ T 


v— 1 


p p = pS 1 ^ 1 = pT p 1 db p (mod q). 


This is impossible, since (p | q) — d=l, and by Euler’s Criterion the 
theorem is proven. 

Comments : 

(A) Therefore Conjecture 17 istrueforp = 3,5,11,23, • • •, 16188302111, 


(B) If Conjecture 5 were true, Conjecture 17 would be true for in¬ 
finitely many primes. But the latter has never been proven. 

(C) By a modification of the argument, the criterion: 

2p + 1 is a prime, 

may be supplemented by other criteria. It suffices if any of the following 
are true: 

4 p + 1, Sp + 1, lOp + 1, 14p + 1, or 16p + 1 

is a prime. For example, since 

29 — 4 • 7 + 1 is a prime, 

Conjecture 17 is true for p = 7. The above criteria, taken together, suffice 
for all p < 100. Therefore, as S. Germain proved, Conjecture 17 is true for 
all p < 100. 

(D) Theorem 65 has about the easiest proof of any significant result 
obtained on Fermat’s Last Theorem. That the restricted case is much easier 
is also shown by the fact that in Kummer’s Theorem 64 the greatest 
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difficulty comes when the restriction is waived. Further, as we shall soon 
see, there can be little doubt that Conjecture 17 is true. Still, it has not been 
proven—not even for infinitely many p —as already stated in point (B). 
(E) Unique factorization is again fundamental. (Where does it enter?) 

In 1909 A. Wieferich showed that Conjecture 17 is true if 

p 2 ^ 1 - 1, (208) 

that is, if p is not a “Wieferich square” (see pages 116, 118). This criterion 
is therefore sufficient for all p < 100,000 except 1093 and 3511. However, 
despite the fact that these squares are so rare, no one has proven that 
there are infinitely many p which satisfy (208). Further, D. Mirimanoff 
subsequently (1910) showed that 

p^S*” 1 - 1 (209) 

was an equally valid criterion. Therefore the rare Wieferich squares must 
also violate the equally prevalent (209) if we are to discover a counter¬ 
example for Conjecture 17. 

With these and other similar criteria, and following many previous 
authors, D. H. and Emma Lehmer showed that Conjecture 17 is true for 
all primes <253,747,889. 

Exercise 109. Show that Conjecture 17 is true for p — 3 since if 3 
a 3 = ±l(mod 9). 

Exercise 110. Show that the 24 odd primes < 100 satisfy one or another 
of the six criteria in point (C), page 156. 

Exercise 111. If Conjecture 17 is true for all prime exponents does it 
follow that it is true for all exponents, as on page 148? 

53. Euler’s “Conjecture” 

Although 

A 3 + B 3 ^ C 3 

in positive integers we do have 

6 3 = 3 s + 4 3 + 5 s and 
29 3 = ll 3 + 15 3 + 27 3 . 

There are in fact infinitely many solutions of 

D 3 = A 3 + B 3 + C 3 . (212) 

In our proof of 


( 210 ) 

( 211 ) 


A 4 + B 4 C 4 
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we utilized the fact that we had all solutions of 

a + b 2 = c 2 

and that, of these, a and b could not be squares simultaneously. The strategy 
suggests itself to find all solutions of Eq. (212) and, by specialization, 
to show that Fermat’s Last Theorem is true for n = 3. Further, one could 
hope for a similar approach to n = 5, 7, etc. 

We know of no serious progress in this direction. In this connection there 
is a “conjecture” of Euler. While it has an attractive ring to it we know of 
no serious evidence and so shall call it 

Open Question 2. Can an nth power ever equal the sum of fewer than n 
nth powersf That is, can 

A n = BP + B 2 n + • • * + B k n 


for 1 < k < n? 

Euler “conjectured” no. If his “conjecture” were true, Fermat’s Last 
Theorem would follow as a special case. 

Exercise 112 (From Dickson). Write Eq. (212) in symmetrized form 

W* + X 3 + F 3 + Z 3 = 0. (213) 

Substitute 


W = + x + y + z), X = J(ii> + x - y - z) 

Y = %(w - x + y - z), Z = \{w - x - y + z) 

and show that Eq. (213) becomes the determinantal equation: 


w 3 z —3 y 
—z w 3x 
y —x w 


= 0 . 


(214) 


This is the condition that 


wa + 3 zb — 3 yc = 0, —za + wb + 3a;c = 0, ya — xb + wc = 0 

have solutions a, b , and c not all zero. 

Solve for x, y, and z in terms of w and obtain solutions of Eq. (214): 

w — —6 pabc x = pa(a 2 + 36 2 + 3c 2 ) 

y = P b(a 2 + 3 b 2 + 9c 2 ) z = 3pc(a 2 + 6 2 + 3c 2 ). 

Now with a = b = c = 1 and a proper choice of p obtain Eq. (211). 
Conversely, from Eq. (210), obtain an a, b, c , and p which gives that 
solution. Finally, can all solutions of Eq. (212) in integers be obtained by 
these formulae? 
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54. Sum of Two Squares 

On pages 150-151 we gave a nonconstructive, partial proof of Theorem 
60 based upon Gaussian integers. We now give two complete proofs, the 
first explicitly constructive, and the second implicitly constructive. Both 
are based upon (— l|p) = +1. The first proof—it may be Fermat’s— 
uses the method of descent and also a famous identity which goes back 
(at least) to Diophantus: 

Theorem 66. 

(a 2 + b 2 )(c + d 2 ) = (ac + bd) 2 + {ad - be) 2 

o n (215) 

= {ac — bd) -f~ {ad -p be) . 

Proof. Clear. 

Proof of Theorem 60. If p is a prime = 1 (mod 4), there is an s < p 
such that p|s 2 + 1. Write s = Oo , 1 — b 0 , and 

pqo = no 2 + b 2 . (216) 

It follows that g 0 < p. If go = 1, p = a 2 + ft 2 . If not, divide a 0 and ft by 
g 0 choosing remainders, positive or negative, which have a minimum 
magnitude: 


a 0 = r 0 q 0 + cto, ft = s 0 go + ft (217) 

Both remainders, a 0 and ft, therefore satisfy | x | ^ Jgo, and not both 
are zero. For if a 0 = ft = 0, we have go|p, and since 1 < g 0 < p this is 
impossible. 

Now define q x by 

gogi — ot 2 + ft 2 (218) 


and we have 0 < q x S igo. But, from Eqs. (216) and (215), we have 
pq*qi = (a o 2 + ft 2 ) {a 2 + ft 2 ) 

= (ao^o + ftft ) 2 + (aoft — boao) 2 . 

Substituting Eq. (217), and dividing by g 0 2 , now yields 

pqi = (r 0 a 0 + Soft + gi) 2 + (r 0 ft — s Q a 0 ) 2 . (219) 


Thus, if 

a x = | r 0 a 0 + soft + gi | 
bi = | r 0 ft — Sod 0 1 

we have 

2 I 7 2 

pgi = ai + b x . 


( 220 ) 


( 221 ) 




160 Solved and Unsolved Problems in Number Theory 

If qi 7 * 1, we continue, and obtain 

<?o > <Zi > * * * > <Z* = 1. 

Finally 

2 I 72 

p — a n — i b n • 

To show the uniqueness asserted in Theorem 60, we assume a, b, c , and 
d are positive and 

p = a + 6 2 — c + d 2 . (222) 

By Eq. (215), 

p 2 = (ac + 6d) 2 + (ad - 6c) 2 (223) 

and 

p 2 = (ac - bd) 2 + (ad + 6c) 2 . (224) 

By Eq. (222), (p - a 2 ) d 2 = (?) - c 2 )6 2 or 

p(d 2 - 6 2 ) = (ad- be) (ad + 6c). 


Now if p\ad — be , by Eq. (223) we have ad — be = 0, and thus d 2 — 6 2 = 0 
or d = 6. Whereas, if p|ad + 6c, by Eq. (224) we have ac = 6d, and since 
(a, 6) = 1, we have a\d and 6|c. By Eq. (222) we now have d = a. Since 
p is prime, we must have one of these two cases. 

Finally, to make the determination of p = a 2 + b 2 completely con¬ 
structive—but not necessarily efficient—we note that we may take 


s = ao == 



(mod p) 


by Wilson’s Theorem, and Exercise 22, page 38. 

Exercise 113. Determine 29 = ai 2 + b 2 and 89 = a 2 + 6 2 2 , given 
29 112 2 + 1 and 89 | 34 2 + 1. 

Exercise 114. From the previous exercise find the two representations 
of 

29*89 - 2581 = A 2 + B 2 


using Eq. (215). 

Exercise 115. Given p = a 2 + 6 2 , determine 2p — A 2 + B 2 , and 
5p = C 2 + D 2 = E 2 + F 2 . 

Exercise 116. Using the results of Exercise 113, find, conversely, an 
x and y such that 29 \x 2 + 1, and 891 y + 1 by x = ai6i 1 (mod 29), and 
y =s ajbf 1 (mod 89). 
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A shorter, more modern proof of Theorem 60 is related to the idea in 
Exercise 116. It uses Thue’s Theorem, and this, in turn, uses the 

Dirichlet Box Principle. If more than N objects are placed in N boxes, 
at least one box contains two or more objects . 

Theorem 67 (Thue). If n > 1 , (a, n) = 1, and m is the least integer 
> y/n, there exist an x and y such that 

ay = -\-x or —x ( modn ) 

where 


0 < x < m, 0 < y < m. 

Proof. Consider ay — x for the m possibilities: y = 0, 1, 2, • • • , m — 1 
and x = 0, 1, 2, • • • , m — 1. Since m > n, by the Dirichlet Box Principle 
at least two of these possibilities must be congruent modulo n. Let 

ay x — Xi = ay 2 — x 2 (mod n) 

with yi > y 2 . Further x x ^ x 2 , for otherwise, since (a, n) — 1, we have 
yi = y 2 . Let y ~ y\ ~ y*i and x — ±(xi — x 2 ) >0 and we have 

ay s -\-x or —x (modn) 

as required. 

Second Proof of Theorem 60. Let p|$ 2 + 1. By Thue’s Theorem there 
exist positive integers x and y < yfp such that 

ys = ztx (mod p). 

Since (y, p) = 1, we have 

s 2 + 1 = x 2 y~ 2 +1^0 (mod p) 
or 

x + y 2 = 0 (mod p). 

But 0 < x + y 2 < 2p. Therefore p = x 2 + y 2 - The uniqueness we prove 
as before. 

Exercise 117. Apply the Dirichlet Box Principle to Gertrude Stein’s 
surrealist opera, Four Saints in Three Acts, and draw a valid inference. 

55. A Generalization and Geometric Number Theory 

Fermat, in a letter to Frenicle (1641), called Theorem 60 “the funda¬ 
mental theorem on right triangles.” Compounding factors by Eq. (215), he 
obtained numerous results such as: 

A prime = 4 m + 1 is the hypothenuse of a Pythagorean triangle in a 
single way, its square in two ways, its cube in three ways, etc. 
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Example: 

5 2 = 4 2 + 3 2 

25 2 = 24 2 + 7 2 = 20 2 + 15 2 

125 2 = 120 2 + 35 2 = 117 2 + 44 2 = 100 2 + 75 2 , etc. 

It is clear, from Eq. (215), that the product of two distinct primes of 
the form 4m + 1 is a hypothenuse in two ways, and, it may be shown, 
that a product of k such primes is a hypothenuse in 2*” 1 ways. 

Exercise 118. Obtain 4 distinct representations of n = A 2 + B 2 for 
(the Carmichael number) n = 5 13-17 = 1105. 

We asked, on page 143: In how many ways is n a sum of two squares? 
The answer takes a particularly neat form if we alter the convention of 
what we mean by “how many ways.” 

Definition 41. By r{n) we mean the number of representations n — 
x 2 + y 2 in integers x and y y which are positive, negative, or zero. The 
representations are considered distinct even if the x’s and y’s differ only 
in sign or order. Further we define R(N ) by 

N 

R(N) = Er(n). (225) 

n =0 

Examples : 


r( 0) 

= 1 

since 

0 = 

o 2 + o 2 . 

r(4) 

= 4 

since 

4 = 

(±2) 2 + 0 2 = 0 2 + (±2) 2 . 

r( 8) 

= 4 

since 

8 = 

(±2) 2 + (±2) 2 

r(10) 

= 8 

since 

10 = 

= (±1) 2 + (±3) 2 = (±3) 2 + (±1) 2 . 


r(p) — 8 if p is a prime = 4m + 1. 

12(12) = l+ 4 + 4 + 0+ -- *+ 0 = 37. 

It can be shown, by elementary methods, that the following result holds. 

Theorem 68. If n, ^1, has A positive divisors =1 (mod 4) and B positive 
divisors = — l(mod4), then 

r(n) = 4(A - B). (226) 

We mean here all divisors , not merely prime divisors. 
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Examples: 


r(2) = 4 
r(5) = 8 
r( 7) = 0 
r(65) = 16 


since A = 1; 
since A = 2; 
since A = 1; 
since A = 4; 


( 1 ). B = 0. 

(1, 5). B = 0. 

( 1 ). 5 = 1 ; ( 7 ). 

(1, 5, 13, 65). B = 0. 


Theorem 68 contains Theorem 60 as a special case when allowance is 
made for the different conventions. We now apply this generalization to 
derive the famous Leibnitz series: 


i» 


1 -*+*-++*- 


(227) 


Equation (227) was one of the first results obtained by Leibnitz from his 
newly discovered integral calculus. In the subsequent priority controversy 
concerning the calculus, Newton’s supporters pointed out that Gregory 
had already given 

arctan x = x — %x s + ix — 


and Eq. (227) follows by taking x = 1. Our present interest concerns 
quite a different point—a remark by Leibnitz concerning Eq. (227). He 
suggested that with Eq. (227) he had reduced the mysterious number r 
to the integers. We may contest this claim. The derivation of Eq. (227) 
using integration and Taylor’s series does not reveal the number-theoretic 
relation between ir and the odd numbers. One may ask, “What has a circle 
to do with odd numbers?” and receive no convincing answer from this 
derivation. The real insight is given by Theorem 68. 

Consider the number of Cartesian lattice points (a, b) in or on the circle 
a: 2 -|- y = N. We show these points for N = 12. There are 37 of them. 



z 2 + y g 12 
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It is clear, by Definition 41, that the number of such points equals R(N), 
since each point corresponds to exactly one representation of one n = a 2 + 
b == N . Further, if we associate each point (a, b) with the unit square of 
which it is the center, (a ± f, b dz J), we see that R(N) approximates the 
area of the circle, *N. The reader may show that the difference, R(N) - 
ttN, vanishes with respect to tN as N —> <», since this difference is associ¬ 
ated with the (relatively small) region along the circumference. In this way 
he will obtain 

Theorem 69. 


R(N) ~ ttN. (228) 

Corollary. The mean number of representations of n ~ a 2 + 6 2 , for n up 
to n — N, tends to tt as N —♦ °o. 

But, from Theorem 68, we may obtain a neat and exact formula for 
R(N). Each n ^ N receives a contribution of 4 representations from its 
divisor 1. Each n ^ N, which is divisible by 3, loses 4 representations from 
this divisor 3, and there are [iV/3] such values of n. Similarly, there are 
4[iV/ (2k + 1)] contributions, or 4[N/(2k + 1)] losses, corresponding to 
the odd divisor 2k + 1, according as k is even or odd. Counting the single 
representation of 0 = 0 2 + 0 2 , we thus obtain 

BW=1+4 {[ ? ]_[i] + [ f ]_[ f ] + ...}. (aM 

Further, since [N/(2k + 1)] = 0 if 2 k + 1 > N, we may write Eq. (229) 
as an infinite series, and thus obtain 

Theorem 70. 


(230) 

Example: 

R( 12) = 1 + 4{12 - 4 + 2 - 1 + 1 - 1} = 37. 

With Theorem 69, dropping the 1 as N —» °o, we obtain 

(231) 

Now split the right side into two sums: 

h K ’ [2k + lj + 1 ; |_2 k + lj 
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where 


K = [VN] - 1. 


There are [VN] terms in the first sum and we have 

5 - N L < - 1) *2FTl + ,vn - 

where | 6 | < 1, since the error made by removing the square brackets in 
each term is <1. On the other hand the magnitude of the second sum is 
less than, or equal to, the magnitude of its leading term—since the terms 
are alternating in sign and monotonic in magnitude. Therefore it equals 
d'y/N where | 0' | < 1. Therefore, dividing by N, Eq. (231) now becomes 


i * 


K i /)// 

y (-D k 1 + — 

fc=o 2/c + 1 VN 


where | 0" | < 2, and, letting i\T —> co, Eq. (227) follows. 

Exercise 119. Gauss gave R(100) = 317 and i?(10,000) = 31417. 
Verify the former, using Eq. (230). 

Exercise 120. Jacobi’s proof of Theorem 68 was not elementary but was 
based upon an identity which he obtained from elliptic functions: 


(1 + 2x + 2x + 2x + 2x u + • * • ) 2 


= 1+4 



1 — x l 


+ 




Show that if the left side is written as a power series, 
1 + a x x + a^x + azx + • • * , 


then a n = r(n) , while if the right side is 

1 + + b 2 x 2 + b z x 3 + • • • , 

then 6 n = 4 (+ - B) > where + and B are as in Theorem 68. 


56. A Generalization and Binary Quadratic Forms 

We now (start to) generalize Theorem 60 in a different direction. We 
consider numbers of the form x 2 + Ny 2 as suggested on page 143. At first 
things go easily. Theorem 66 becomes 

Theorem 71. 

(a 2 + Nb^ic 2 + Nd 2 ) = ( ac + Nbd ) 2 + N(ad - be ) 2 
' = (ac - Nbd ) 2 + N(ad + be) 2 . 


( 232 ) 
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Proof. Consider 

(a + \f—Nb) (a - V^Nb)(c + y/=Nd)(c - V^Nd). 

By pairing the 1st and 2nd terms, and the 3rd and 4th we obtain the left 
side of Eq. (232). By pairing the 1st and 4th terms, and the 2nd and 3rd we 
obtain the first right side; while pairing the 1st and 3rd terms, etc., gives 
the second right side. 

For N = 2 and 3, Theorem 60 generalizes easily to 

Theorem 72. Every prime p of the forms 8m + 1 and 8m + 3 can be 
written as p = x 2 + 2 y 2 in a unique way . Every prime p of the form 6m + 1 
can be written as p = x 2 + 3 y 2 in a unique way . 

Proof. If — N is a quadratic residue of p there is an $, prime to p, such 
that s 2 + N = 0 (mod p). By Thue’s Theorem, as on page 161, there are 
positive integers x and y < \/p such that 

s 2 + N = xy~ 2 + N = x + Ny 2 = 0 (mod p). 

Now if p = 8m + 1 or 8m + 3, (-2|p) = +1, and x + 2y 2 is a multi¬ 
ple of p which is <3p. If x + 2y 2 = p, we have our solution; but if x 2 + 
2y = 2 p, since x must be even, = 2w, we have y + 2w 2 = p as our 
solution. 

Again, if p = 6m + 1, (—3|p) = +1, and x + 3 y is a multiple of 
p < 4p. Now x + 3 y 2 ^ 2p, for if equality holds, x and y are either both 
odd or both even and therefore x + 3 y is divisible by 4, that is, 2|p. 
Therefore either p = x + 3 y 2 , or x = 3w and y + 3 w 2 = p, as before. 

The uniqueness follows from the more general 

Theorem 73. If N > 0 there is at most one representation of a prime p as 
p = a 2 + Nb 2 in positive integers a and b. 

Proof. This is left for the reader, who will utilize Theorem 71. 

Now, the “natural” generalization of Theorem 72 would be this—if 
(— A |p) = +1, then p = x + Ny in a unique way—but this supposition 
is not true. The generalization breaks down at two points. 

First, as hinted by the qualification, N > 0, in Theorem 73, uniqueness 
need not hold if N < 0. Thus we have (see page 143) the Fermat-Frenicle 

Theorem 74. Every prime p of the form 8m ± 1 can be written as a 2 — 2b 2 
in infinitely many ways. 

Proof. Since (2|p) = +1, we have, by Thue's Theorem, x — 2y 2 is a 
multiple of p, <p and > —2p. Since x — 2 y 2 0 by Theorem 56, we have 

2 o 2 

x — 2y = —p. 
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Therefore 

(x + 2 y) 2 — 2(x + y) 2 = p 


or 

a 2 - 2 b 2 = p. (233) 

Now let a 2n and c 2ft be the side and diagonal numbers of Theorem 58, 
page 139. Then by Eqs. (232) and (172), 

(cL - 2aL) (a - 2b 2 ) = p 

and 

p = (c 2n a — 2 a 2 J>) 2 — 2(c 2n 5 — a 2ri a) 2 . 

Likewise 

p = (c 2n a + 2a 2n b) 2 — 2(c 2n b + a 2n a) 2 . 

Therefore from each of the infinitely many pairs (c 2n , a 2n ), and from Eq. 
(233) we obtain two other solutions of Eq. (233). 

Example : 

From 3 2 - 21 2 = 7, and ( c 2n , a 2n ) = (3, 2) and (17, 12), we find: 

7 = 5 2 — 2*3 2 = 13 2 - 2-9 2 = 27 2 ~ 2-19 2 = 75 2 - 2 - 53 2 . 

Exercise 121. From 5 2 — 2-2 2 = 17, find four other representations of 
a 2 - 2b 2 = 17. 

To generalize Theorem 74 to a 2 — 36 2 , a 2 — 5b 2 , etc., we would need the 
generalization of Theon’s Theorem 58 known as Fermat's Equation, i.e., 
Eq. (174). This we will investigate in Sect. 58 below. We may also note 
that the infinite number of solutions in Theorem 74, in distinction to the 
single solution in Theorem 72, is associated with the fact that the alge¬ 
braic number field k(y/ 2) has infinitely many unities—see pages 152, 150. 
That is, 

c n + x/2a n \l 

for any side and diagonal numbers a n and c n . 

A second, and more difficult, point which precludes the simple generaliza¬ 
tion of Theorem 72 mentioned on page 166 is this. In the proof of Theo¬ 
rem 72—say with N > 0—one finds an x and y such that x + Ny 2 = rp, 
where the coefficient r satisfies 1 ^ r < N + 1. It is not clear that, with 
these many possibilities for r, one can always obtain an r = 1. 

Indeed, for N = 5 and 6 this is impossible. Thus (—6|p) = +1 for 
p = 24m + 1, 5, 7, or 11 (see table on page 47). In particular (—6|5) = 1. 
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But it is clear that 5 ^ a + 6b 2 . Similarly, ( — 5|3) = +1, but 3 5* a 2 + 
5b 2 . The partial proof of Theorem 60 using the unique factorization of 
Gaussian integers (page 150) suggests that the “difficulty” stems from the 
lack of unique factorization in fc(\/—5) and fc(\/—6) (see page 153). 
This is indeed the case. The following may be shown. 

Theorem 75. If (—6|p) = 1, p = a 2 + 6b 2 in a unique way if p — 24 m + 
1, 7. But 2p = a 2 + 6b 2 if p = 24m + 5, 11. Similarly , if (—5| p) = 1, 
p = a 2 + 5b 2 or2p = a 2 + 5b 2 according asp = 20m + 1, 9 orp — 20m + 
3, 7. 

The two classes of primes, in either case of this theorem, are related to 
the so-called class number (see page 153), which is >1 when unique fac¬ 
torization is absent. We cannot do justice to this most interesting concept 
in a few pages. Instead we pass on to other subjects. 

Exercise 122. Prove that for N = 7 everything is “OK” again—that is, 
if (—7|p) = +1, there is a unique representation p = a 2 + 7b 2 . The fact 
that the relatively large value N = 7 is still “OK” is related to the specially 
large density of primes of the form n 2 + 7. See table on page 49 and com¬ 
pare remarks about n 2 + 5, 6 on page 154. 

Exercise 123. For N - 10, find a p such that (-10|p) = +1, but 
p 7* a 2 + 10b 2 . 

Exercise 124. In general, if p < N, p ^ a 2 + Nb 2 . What does this sug¬ 
gest concerning unique factorization in k(\/—N) in general? Investigate 
the literature to confirm or reject any hypothesis you develop. Caution: 
If N = —1 (mod 4) the integers of k(\/—N) are of the form 
h( a + \/—Nb). By unique factorization one could therefore only conclude 
that 4p = a 2 + Nb 2 . An example is p = 3, A = 11. The integers 
in k( \Z-~11) do have unique factorization. 

Exercise 125. Analogous to Theorem 68, for N = 2 there is the 
following: 

The number of representations of n = x + 2y 2 is equal to 2(A — B) if 
n has A divisors =1,3 (mod 8), and B divisors = —1, —3 (mod 8). 

By an argument similar to that above (page 164) but now using ellipses 
x + 2 y 2 — n , show that 

-JL.-1+1-I-l + i + l-l-l... 

2y/2 3 5 7 9 11 13 15 

Exercise 126. Conjecture the results analogous to the previous exercise 
for N = 3. Investigate the literature to check your conjecture. 

57. Some Applications 

We now give several applications of the foregoing results. 
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(A) (For those who know vector algebra.) Diophantus’s formula, Eq. 
(215), has an interesting interpretation in vector algebra. Let 

Vi = ai + bj 9 V 2 = ci + dj. 

Then the scalar and vector products are V x • V 2 = ac + bd, V x X V 2 = 
(ad — bc)k. But the magnitude of V x X V 2 is the length of V x times the 
length of V 2 times the sine of the angle between them. And V x - V 2 is the 
length of V x times the length of V 2 times the cosine. Therefore 

|F 1 | 2 |F 2 | 2 = (VvV 2 ) 2 + \V x X v 2 \\ 

and we obtain the first part of Eq. (215). On the other hand, if F 3 = ci — di y 
while | F 3 1 = | V 2 | , the sine and cosine of the angle between V x and F 3 
will now be different, generally, and we obtain the second representation 
in Eq. (215). 

(B) (For those who know partial differential equations.) If the lowest 
frequency with which an elastic square membrane can vibrate is 

coo = \/2 k 

where k is a constant, then it is well known that every possible frequency 
is given by 

a> = \Za 2Z f b 2 k (234) 

where a and b are positive integers. Corresponding to this frequency, Eq. 
(234), the shape of the membrane is given by 

Csin ( iray/L) sin (wby/L) 

where L is the length of the side. For the frequency Eq. (234), there will 
therefore be $ different modes of motion if n = a 2 + 6 2 can be written as a 
sum of squares in $ different ways—where a and b are positive, but where 
the order is counted. Thus for co 0 , s = 1; for w — y/dk , s = 2; for co = 
\/6§k, s = 4, etc. 

(C) (For those who attempted Exercise 16, page 29.) By Theorem 72 
the prime q ~ 6p + 1 may be written 

q = a 2 + 36 2 

in a unique way. The criterion sought is this: q\M p if, and only if, 3| b. 
Examples : 

V = 5, q - 31 - 2 2 + 3*3 2 ; Since 3|3, 31 \M b 

p = 13, q = 79 = 2 2 + 3*5 2 ; Since 3|5, 79 \M U 

p = 17, q = 103 = 10 2 + 3-1 2 ; Since 3+1, 103|M 17 

We shall not prove this rule, but we will indicate its source. 




170 Solved and Unsolved Problems in Number Theory 


Let g be a primitive root of q, and let 2 = g e (mod q), and therefore 
2 P = g ep (mod q). Since q = 6p + 1, we have that q\M P if, and only if, 
6|e. Since p = 4m + 1 (see page 29), we have (2\q) = +1, and e is 
even. Therefore q\M p if, and only if 3|e. Therefore the necessary and 
sufficient condition sought is that 2 is a cubic residue of q: 

x 3 = 2 (mod q). 

Prior to the time that the theory of cubic residues was developed, Gauss 
found that it was necessary in developing the theory of biquadratic res¬ 
idues, x* = a (mod p), to introduce the Gaussian integers—namely, those 
of the algebraic number field k(e 2irtli ) = k{i). Similarly, under this stimu¬ 
lus, Eisenstein developed the theory of cubic residues with the field k(e 2r<13 ). 
Since 

e 2*i/3 = !(_! + ^=3), 

we are not surprised to find criteria involving 

a + 3 b 2 = (a + \/^3 b)(a - b). 

The criterion that 2 is a cubic residue of q — 6 m + 1 is: 3|6, where q = 
a + 3b 2 . 

(D) (Necessary and Sufficient Conditions for Primality.) 

Theorem 76. For n > 1, and 

N = 1: assume n = 4m + 1; for 

N = 2: assume n = 8m + 1 or 8m + 3; for 

N = 3: assume n — 6m + 1. 

If n is prime, n = a + Nb 2 in a unique way in positive integers a and b, 

and (a, b) — 1. Conversely, if n — a + Nb 2 in a unique way in nonnegative 
integers, a and b, and if (a, b) — 1, then n is prime . 

Proof. For n prime we have shown a unique representation. Further 
(a, b) = 1 since (a, b)\n. 

Now, conversely, let n = a 2 + Nb 2 and (a, b) = 1. Then (b, n) = 1 
and ( ab J ) 2 ^ —TV (mod n) . Thus every prime divisor of n is of the form 
listed above corresponding to N. By Theorem 71, 

(a 2 + Nb 2 )(c 2 + Nb 2 ) = (ac + Nbd) 2 + N(ad - be) 2 

(235) 

= (ac - Nbd) 2 + N(ad + be) 2 . 

Therefore a product of two primes satisfying (— N\p) = +1 is also of 
the form x + Ny 2 with x and y positive. For if (ac — Nbd) and (ad — be) 
were both zero, we find a — Nb 2 . For N = 2, 3 this is clearly impossible. 
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For N = 1, likewise—since otherwise a 2 + b 2 would be even. Therefore at 
least one of the representations in Eq. (235) has x > 0 and y > 0. By 
induction every divisor of n > 1 equals x + Ny 2 in positive integers. 
Therefore if n is composite, write it as a product, Eq. (235), with a, b, 
c, d > 0. Then there are at least two distinct representations of n in non¬ 
negative integers, since ac + Nbd > ac — Nbd. For N = 2, 3 this suffices. 
For N = 1, we must also show that ac + Nbd — ac + bd ^ ad + be. 
This is so because 


a(c — d) = b(c — d) 

implies c = d, or a = b, and thus that n is even. This completes the proof. 

With Theorem 76 we have a method for determining the primality of 
n = 4m + 1 by N = 1, and of n = 8m + 3 by N = 2. The method is 
useful if n is not too large. One uses subtraction and a table of squares, 
instead of division and a table of primes. To test the remaining numbers, 
namely n = 8m + 7, one would want to use N = —2. But as we have 
seen in Theorem 74 we now lack uniqueness. To clarify the number of 
representations of n — a — 2b 2 we now investigate Fermat’s Equation. 

Exercise 127. Show that Theorem 76 may be easily extended to the 
case N = —1 and n = 2m + 1. 

Exercise 128. 45 = a + b 2 in a unique way, but 45 is not a prime. 
25 = a 2 + b 2 in a unique way in 'positive integers, but 25 is not prime. 
21 a + b 2 , and therefore 21 is composite. Again, 21 is composite since 
it equals a 2 + 5b 2 in two ways. But neither 3 nor 7 equals a 2 + 5b 2 . From 
Theorem 75, 

3 = §(l 2 + 5-l 2 ), 7 = K3 2 + 5-l 2 ). 

Thus 3-7 - (4 + V^) (4 - v^S) = (1+ 2 V^5) (1-2 V~5). 
Compare page 153. Construct a similar example: pq = a 2 + 66 2 in two 
ways, while neither p nor q equals a 2 + 6b 2 . 

Exercise 129. One half of the numbers 8m + 7 may be tested by n = 
a 2 + 3 b 2 . 

Exercise 130. All M p for p an odd prime fall in the class indicated in 
the previous exercise. In particular M n is not a prime, since M n ^ a 2 + 3 b 2 . 
But for p large, say p = 61, the test is impractical. 

58. The Significance of Fermat’s Equation 
The equation: 

x 2 — Ny 2 = 1 (236) 

for N > 1, and not a square, is called Fermat’s Equation. In older writings 
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it is often called “Pell’s Equation.” If N = n, it is clear that Eq. (236) 
has no solution in positive integers since no two positive squares differ 
by one. Fermat stated that Eq. (236) has infinitely many solutions for 
every other positive N. He suggested the cases N = 61 and 109 as challenge 
problems. Later Frenicle challenged the English mathematicians with 
N = 151 and 313. 

For some N a solution is easily obtained. For W = 2 we have 3 2 — N2 2 = 
1 from Theorem 58, and, more generally, if N = n 2 + 1, 

(2 n + l) 2 - N(2n ) 2 = 1. (237) 

But for N = 61, x = 1766319049 and y = 226153980 is the smallest solu¬ 
tion, and for N — 313 the smallest x has 17 digits. Such an x is not some¬ 
thing one would like to obtain by trial and error. 

Exercise 131. Verify the following generalization of Eq. (237). If 
N = ( nm ) 2 iL m, then 

(2 nm ± l) 2 - N(2n) 2 = 1. (238) 

And if N ~ (nm) 2 db 2m, then 

(nm ± l) 2 - N(n) 2 = 1. (239) 

Show that by a proper choice of m and n, Eqs. (238) and (239) suffice to 
yield solutions for all nonsquare N where 2 ^ N S 20 except for two 
cases. Likewise for 30 ^ N g 42. 

In the next section we state and prove the main theorem by a lengthy 
implicit construction. Later we give an efficient algorithm. We now list 
some reasons why Eq. (236) is important. 

(A) If Eq. (236) is generalized to 

a 2 - Nb 2 = M (240) 

for any integer M, there can be no solution unless M is a quadratic residue 
of every prime which divides N ; the example N = 3, M = — 1 was men¬ 
tioned on page 140. (We note that while this condition is necessary, it 
is not sufficient. Thus 

a - 346 2 - -1 

has no solution even though —1 is a quadratic residue of 2 and 17.) M = 1 
is, of course, a quadratic residue of all primes. 

(B) But if Eq. (240) has a solution, it has infinitely many. Using the 
method in the proof of Theorem 74, with the identity from Theorem 71, 

(z 2 - Ny 2 ) (a 2 - Nb 2 ) = (xa ± Nyb) 2 - N(xb ± ya) 2 , (241) 

and with any solution of Eq. (236), one obtains another solution of Eq. 
(240). Further, since we may take M — 1, one solution of Eq. (236) 
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implies infinitely many. All this because 1 • M = M on the left side of 
Eq. (241). 

(C) This special role of M = 1 is also indicated—it is really the same 
point in different language—by the fact that for any solution x and y 
of Eq. (236), 

x d= \/N y 

is a unity of the algebraic field k(\/N). See pages 152, 167. 

(D) Again, the solutions of Eq. (236) are intimately related to the 
rational approximations of y/N, as we already noted on pages 139, 140. 
Thus, from a larger solution for N = 3: 

70226 2 - 3 • 40545 2 = 1, 

we get 

70226/40545 - 1.7320508077 ■ • • , (242) 

which agrees with \/3 to ten figures. 

(E) Further, these approximations, and the solutions of Eq. (236), 
are obtained by infinite continued fractions , and Fermat's Equation was 
the occasion for the introduction of this technique into number theory. 

(F) The same continued fractions may be used expeditiously to obtain 

2 r t.2 

p = a + b 

for primes of the form 4 m + 1. 

(G) If we factor the left side of Eq. (242): 

70226 _ 26 37 73 
40545 15 51 53 

we obtain convenient gear ratios to approximate \/3: 



(H) But to carry out such factorizations it is desirable to know the 
divisibility properties of the solutions (x, y) of Eq. (236). These properties 
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are given by interesting and useful divisibility theorems for the infinite 
sequence of solutions of Eq. (236). For N — 3 these theorems were used 
by Lucas to obtain his criterion for the primality of Mersenne numbers. 
It was this consideration (page 120) which led us into this chapter. 


59. The Main Theorem 
Theorem 7 7. If N > 1 , and not square , 

x 2 - Ny = 1 (243) 

has infinitely many solutions in positive integers . If X\ + y/N y\ is the 
smallest value that x + y/N y takes on , with x, y a solution , then every solu¬ 
tion is given by 

X n + y/N y n = (xi + y/N yi) n . ( 244 ) 


The x n and y n may be computed explicitly by 

x n = %[( x i + y/N yi) n + (#i — y/N y\) n \ 

Vn = ^ Xl + ^ Vl)n ^ Xl ~ ^ Vl ^’ 


or recursively by 


x n +i = Xix n + N yiy n 
Vn+ 1 = yiX n “b X\y n . 


(246) 


Comment: If x, y are positive integers which satisfy Eq. (243) we will 
sometimes use the expression: x + y/Ny “is” a solution of Eq. (243). 

Proof. First we prove that xi — Nyi = 1 implies x n 2 — Ny 2 = 1. 
From Eq. (241), with x = a = xi and y = b = y\ , and choosing the 
plus sign on the right, we see that the x 2 and y 2 of Eq. (246), with n = 1, 
satisfy Eq. (243) if Xi and yi do. By induction, the x n and y n of Eq. (246) 
also satisfy Eq. (243). Also, by induction, these integers satisfy Eq. (244), 
and likewise 

Xn — y/Ny-n = (Xi — y/Nyf) n . 

Then Eq. (245) follows at once. 

Next we prove that there are no other solutions. Assume another solu¬ 
tion, Eq. (243). Then 

x + y/Ny x n + y/Ny n , 

for, if equality held, x — x n = y/N(y n — y), and, since y/N is irrational 
by Theorem 57, we must have y ~ y n , x = x n . Therefore, since x\ + 
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VNvi > and thus, by Eq. (244), x n + y/Ny n < x n +x + y/Ny n +i , 
assume 

x n + y/Ny n < x + y/Ny < x n+x + y/Ny n +i. (247) 

Since (x n — y/Ny n ) (x n + \/Ny n ) = 1, we note that the first factor here 
is >0. Multiply Eq. (247) by this positive number, x n — \ / Ny n , and 
we have 

1 < (* + VNy)(x n - VNy n ) < (x l + VNy 1 ) n+ \x 1 - y/Ny ’,)* 

= xi + VNyi. 
Let 

(x + a /Ny){x n — y/Ny n ) = a + a/#& 

where a = xx* — Nyy n and b = yx n — xy n - But 

a 2 - Nb 2 = (x 2 - i\fy 2 )(z„ 2 - W^ 2 ) = 1, 

and since 1 < a + \/^Vh we find 0 < a — y/Nb < 1. Thus 1 < 2a and 
0 < 2 y/N b. Therefore we have a solution of Eq. (243) in positive integers 
a and b with a + y/Nb < x x + y/Nyi . Since by the definition of x x + 
y/Nyi this cannot be, there is no other solution x + y/Ny. 

Finally we come to the real problem, to show that Eq. (243) has at 
least one solution. The first published proof is by Lagrange. Our proof 
rests on a lemma which we will prove later in two ways. 

Lemma. There is an integer M such that x 2 — Ny 2 = M has infinitely 
many solutions in 'positive integers. 

We assume this now and consider M 2 boxes B ayb with 0 ^ a < | M |, 
0 ^ b < ( M |. Choose M 2 + 1 solutions of x — Ny 2 = M and place each 
pair (x, y) in the box B ab if x = a, y = b (mod | M |). By the Box Principle 
we therefore have two different solutions: 

xj 2 - Ny 2 = x 2 2 - Ny 2 = M (248) 

with xi = x 2 , y x = y 2 (mod | M |). Thus 

xix 2 — Ny x y 2 = xi 2 — Ny 2 s= 0 = x x y 2 — x 2 y x (mod | M |), 

and we have x 2 x 2 — Ny x y 2 — wM and x 2 y 2 “ x 2 ?/ 2 = yM with w and v in¬ 
tegers. 

But, by Eqs. (241) and (248), 

M 2 = (xix 2 — Ny x y 2 ) 2 — N(x x y 2 — x 2 y x ) 2 = (u — Nv 2 )M 2 . (249) 

Then 

u 2 - Nv 2 = 1 . 
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Now, if v = 0, x x y 2 = x 2 y x and, by Eq. (249), 


M = ±(x x x 2 — Ny x y 2 ). 


Thus 


Mx x y 2 = ±(x x x 2 y 2 - Ny x x 2 y 2 ) = ±Mx 2 y 2 . 

Since x x > 0 and x 2 > 0 we have x x = x 2 , and likewise y x = y 2 . Thus 
v 2 > 0 and Eq. (243) has at least one solution u — Nv 2 — 1 in positive 
integers. By the Well-Ordering Principle there is therefore a smallest 
solution: x x + \/Ny x . 

The reader may note that the device used in Eq. (249) of multiplying 
two equations, and then dividing them by M 2 , is analogous to the strategy 
utilized in Theorem 60, both after Eq. (218) and after Eq. (222). 

A proof of the Lemma using a continued fraction algorithm will be 
given later. A shorter, and now standard, proof runs as follows: 

Proof of the Lemma. For y — 0, 1, 2, • • • , let x = [\/Ny] + 1. Since 
\fN is irrational we have 

0 < z — x — \ /r Ny < 1. 


For any positive integer n x consider the n x boxes: 


n x n x n x 


n x 


n x 


< 2 S 1, 


and n x + 1 values of z given by y = 0, 1, • * • , n x . At least two z ’s are 
in one box, and they are unequal since y/N is irrational. Call them z x > z 2 . 
Then their difference satisfies: 


0 < z x — z 2 = (zi — x 2 ) — \/N(y x 


yt) <-• 

n x 


This may be written 


/— 1 1 

0 < z 3 = x z — VNy z < — g ,—r 

ni 12 / 31 

where x z = x x — x 2 , y 3 = y x — y *. Now choose n 2 by 


— < Z 3 
n 2 


and by the same process we obtain a z 4 < z 3 with 

0 < z 4 = x 4 — y/Ny* < T . 

I 2/41 
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Thus, since \/N is irrational, there are infinitely many solutions of 

0 < X - VNy < t— —r. (250) 

IIM 

It follows that 

2 y/Ny < x + \/Ny < 2 y/Ny + 1, 

and thus, whether y and x are positive or negative, 

| X + VNy | < 2VN | y \ + 1. 

Therefore we find infinitely many solutions of 

0 < | x — Ny 2 1 = (x — y/Ny) | x + \/Ny | < 2 \/N + 1. 

By the Box Principle (extended) we therefore have infinitely many solu¬ 
tions of x — Ny 2 = M for some 0 < | M | < 2 y/N + 1. This completes 
the proof of Theorem 77. 

The reader notes the curious character of the proof given here for Theo¬ 
rem 77. A solution of Eq. (243) implies 


y y(x + y/Ny) ’ 

that is, x/y is a “good” rational approximation of \/N. In the proof of 
the Lemma, we first find that there exist approximations: 


--VN <b 


then, by the Box Principle, better approximations: 


-- VN 
y 



Finally, using the Lemma, we attain the required approximations. It could 
be called a proof by “convergence,” and this suggests that an explicit 
and more efficient algorithm for finding good rational approximations of 
\/N could lead to an explicit and more efficient construction of solutions 
of Eq. (243). This we now examine. 

Exercise 132. By the same technique as that used on page 174 to show 
that there is no other solution x + \/Ny, show that if u— Ny 2 = —1 
has a solution, and if Ui + \/Nyi is the smallest value possible, then all 
solutions of u — Ny = —1 are given by 

u n + VNy n = ( ui + \/Nyi) n 


(251) 
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for n odd , while for n even one obtains the solutions of Fermat’s Equation: 

U2m + VNV 2 m ~ %m “ 1 “ ( 252 ) 

given by Eq. (244). 

Exercise 133. Show that Theon’s rule, Eq. (171), gives all solutions of 

x - 2 y 2 = ±1. 

60. An Algorithm 

For any positive nonsquare N we define five sequences of nonnegative 
integers A n , B n , C n , P n , and Q n as follows. Let 

C-x = N; Co = 1; Bo = 0; P_x = Q 0 = 0; P 0 = Q-i - 1. 

For ft = 0, 1, 2, • • • , define the sequences recursively by 

A n +1 = , or, since = [\/N], 

Pra+l — B n . 

Cn+ 1 ~ C n — l d~ A n _f-i(P n Pn-fl) * 

Pn+1 = Pn—1 d~ A W 4 -iP n . 

Qn+l = Qn—1 d" A n 4-xQn* 

In Eq. (254) we use the [ ] function of page 14. 

Example : 

For N = 19 we show the sequences: 


n 

c n 

A n 

B„ 

Pn 

Qn 

-1 

19 

__ 

_ 

0 

1 

0 

1 

— 

0 

1 

0 

1 

3 

4 

4 

4 

1 

2 

5 

2 

2 

9 

2 

3 

2 

1 

3 

13 

3 

4 

5 

3 

3 

48 

11 

5 

3 

1 

2 

61 

14 

6 

1 

2 

4 

170 

39 

7 

3 

8 

4 

1421 

326 


(253) 


(254) 

(255) 

(256) 

(257) 

(258) 
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It is clear, by the rules (Eqs. 254-256), that since C n _i, B n and C n repeat 
here for n = 1 and 7, that A n , B n , and C n will henceforth be periodic 
with a period of 6. 

Our immediate interest in the algorithm—there will be other points 
later—is in the important relation which we will prove in the following 
section: 


Pn- NQ n 2 = (-l) n C„. (259) 

If C n = 1, with n even, we obtain a solution of Fermat’s Equation: P n 2 — 
NQn = 1. It will be shown that for every N there are infinitely many n 
with (— 1) n C n = 1, and for the smallest such n > 0 we obtain the smallest 
solution of Eq. (243): 

P n + y/NQn = xi + y/Ny x . 

Thus 170 + \/l9*39 is the smallest solution for N = 19. 

If C n — 1 with n odd, the smallest such n yields the smallest solution of 
u — Nv 2 = — 1 by 

Pn + \/NQn = Ui + VNv X 

using the notation of Exercise 132. We show such a case for N = 13: 


n 

c„ 

A n 

B n 

Pn 

Q» 

-1 

13 

— 

_ 

0 

1 1 

0 

1 

— 

0 

1 

0 

1 

4 

3 

3 

3 

1 

2 

3 

1 

1 

4 

1 

3 

3 

1 

2 

7 

2 

4 

4 

1 

1 

11 

3 

5 

1 

1 

3 

18 

5 

6 

4 

6 

3 

119 

33 


Then 18 + \/lS-5 is the smallest solution of u — 13y 2 = —1. Corre¬ 
spondingly, as in Exercise 132, 649 + \/l3-180 = (18 + \Zl3-5) 2 is 
the smallest solution of x — 13 y 2 = 1. Alternatively, one could continue 
the table until Cio = C 5 = 1, since now there is a period of 5. Then P xo = 
649, Q I0 = ISO. In fact, by periodicity we have 

pl - ml = (~i)*. 

Exercise 134. Obtain solutions of x — 31 y = 1, and of x — 41 y = 
± 1 . 
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Exercise 135. For N = (nm) 2 + m (compare Exercise 131) carry 
out the algorithm algebraicly and obtain 

P 2 — 2 n 2 m + 1, Q 2 = 2 n. 

Similarly carry out the algorithm for N = (nm) 2 — m. In this case what 
is the period of A n , B n , C n if m — 1; if m > 1? 

We shall see that A n , B n , and C n are periodic, from some point on, for 
all N. This will follow from the inequalities: 

0 < An < 2 \/N, 0 <B n < VN, 0< Cn < 2 VN (260) 

which hold for all positive n. Granting these for now, it is clear, by the 
Box Principle, that C n - 1 , B n , and C n must eventually repeat. Then A n , 
Bn , and C„ will be periodic henceforth. We designate the period p(N), 
as in p(19) = 6, p(13) = 5. Assuming Eq. (259), we then have another 
proof of the Lemma (page 175). 

We will also obtain the useful invariant: 

B n 2 + CnCn-l = N. (261) 

Since N ^ rn, we see that C„ j* 0. This justifies the division in Eq. (254). 
Again, since C n - 1 = (N — Bn)/C n we need not have stipulated the repeti¬ 
tion of Cn _i in the previous paragraph. Also, if C„ = C„_i we have N = 

Bn + Cn. In particular, for n = 3, we have 13 = 2 2 + 3 2 . It can be shown 
that for every prime N = 4m + 1 there is such a C„ = C n - 1 • 

61. Continued Fractions for \/N 
Consider 

( V 2 - l )(\/2 + !) = !• 


Then 


\/2 = 1 + 


1 


1 + \/2 


and, by substitution we have 


V2 = 1 + ^ + -L 


1 + V2 

By continuation we obtain the infinite continued fraction: 

V5-1+ 3+i 1 

1 + 2 + ••• 
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which we abbreviate as 


The fractions 


V2-l+i + i + | + 


(262) 


1 

I 


1 , 




1 

2 + i 


= 1+1 A 
^2 + 2 ’ 


etc. 


are called the convergents of the continued fraction. The reader may note 
that these convergents are c n /a n , the ratios of Theon’s diagonal and side 
numbers. 

If VS = 1 + (1/z), we have x = l/(\/S — 1 ) = (\/3 + l)/2. Let 
(VS + l)/2 = 1 + (1 /y) and y = 2/(VS — 1 ) = V5 + 1 — 2 + 
(l/x) . Thus 


^ 1 + 1 + 2 + 1 + 


1 

2 + ••• 


(263) 


The reader may verify that the convergents now: 


c 

a 



2 

V 


5 

3’ 


7 

4’ 


etc. 


are alternately solutions of Eqs. (176) and (175), and, conversely, Archi¬ 
medes* approximations (page 140) are later convergents. 

It ipay be easily shown that the convergents of any continued fraction 


4 +J_ JL _L 

1 +2 + A 3 + A\ + 


form a convergent sequence if the A’s are positive integers. Also that if 
x is irrational and > 1 it has a unique representation of this type: 


a 1 1 1 

x = Ai + — — 

A 2 + As + 


Further, if such an x is given by 

A , JL J_ 1 

1 A 2 + Az + • * • + A n + y 


(264) 


where y > 1, then these n values of A are those of its unique representa¬ 
tion. It follows that Eqs. (262) and (263) are the representations for 
V2 and VS. 

One could proceed with VN as with \/3. But there is much redundancy, 
notationwise and otherwise, in such algebra. If one seeks an algorithm 
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with the redundancy removed one obtains that given in Sect. 60. Thus 
we shall see that 


y/N = A t + ^~ p , -J- , 
A 2 + A z + A 4 + 


(265) 


Qn A 2 + Az + 


where the A ’s are given by Eq. (254). Further the convergents are 

JL_ 

+ A n 

where P n and Q n are given by Eqs. (257-258). Thus, from page 178, 

VT9 = 4+A I 1 1 I 1 i 

V ^ 2 + 1 +3 + 1 + 2 + 8 + 2 + ••• • 

We may indicate the periodicity neatly by the symmetric formula: 

/rn _ , , 1 1 1 1 1 1 

^ 9 + 2+l+3+l+2+4+ Vl9 ’ 

Similarly 

ft o _ o 1 ^ 1 1 1 ^ 

V i 'l + l + l + l + 3+ Vl3 

and 


(266) 


1 1 


1 


l§ = 3+ I 

5 ^ + 1 + 1 + 1 + 1 


We now prove Eqs. (259), (260), (261), (265) and (266). The subject 
of continued fractions is a large one. It is not our purpose now to expound 
upon it at length. Our primary interest concerns its relation to Theorem 
77. At that, our treatment is brief and we leave numerous computations 
for the reader. 

First, from Eqs. (255) and (256) we have 


Cn+l = Cn -1 + 2A n +iB n — A n +iCn , 


and from this, and Eq. (255), we obtain Eq. (261) by induction. Then 
we define 


_ \/N + Bn -1 

a n — p > 

W-1 


(267) 


and using Eq. (261) we find that 

a n = A n +-. 

«n+l 


( 268 ) 
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Since a\ = \/N we obtain 


Vn=A,+ T, + A,+ 


1_ 

+ A n + a n+ x 


(269) 


by induction. 

Next we show 0 < A n and 1 < a n . From a n > 1, and [a n ] — A n , and 
Eq. (268), we find A n > 0 and i > 1. Since = \/N > 1, the re¬ 
quired results follow by induction. Then from Eqs. (269) and (264) we 
derive Eq. (265). 

To complete the proof of Eq. (260) assume 

0 < B n < y/N, 0 < C n < 2 VN (270) 


for some positive n. From 


we find B n +i 
Thus from 


A _ VN - B n+ i ^ A 

&n +1 ^ n+1 ^ 0 

< \/V- Then from -B^+i + (7„ + iC„ = iV, we obtain 0 < C n+1 . 


&n-\- 2 


y/N + B n +i 


> 1 


'n+1 


we have Cn +1 < 2y/N. But if B„+i ^ 0, from Eq. (255) C n = -d-n+l^n = 
P n < VN. This implies 


<*n+l — -d n+1 


_ VF - B 


/t-j-i 


c n 


> 1 


and this contradiction implies 0 < B n + X . Then Eq. (270) follows by in¬ 
duction for all n > 0. Finally, since 1 ^ C n , we get A n < a n < 2 y/N 
from Eq. (267). This completes the proof of Eq. (260). 

Next, from Eqs. (257), (258) and (253) we obtain a second important 
invariant by induction: 


(-l) n (P n Qn-l ~ Pn-lQn) = 1- (271) 


This implies that (P„ , Q„) = 1 and the fraction PJQn is in its lowest 
terms. 

Now we prove Eq. (266), slightly generalized. Let a n , n = 1, 2, • • • 
be any positive numbers, not necessarily integers, and let 

P -1 = go = 0, po = g-i = 1, 

Pn- fl — Pn—1 + an+lPn y Qn+1 Qn—1 “H a n +lQn y 
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analogous to Eqs. (253), (257) and (258). Then 

Pi cfi , p 2 a 2 a x + 1 1 

— = — and — = - = a x + — 

qi 1 q 2 a 2 a 2 

are identities. Assume, for some n > 1, 

^ = Pn - 2 - t - anP — 1 = 01 + -,-. . - (272) 

Qn Qn ~2 + O'n Qn -1 «2 + «3 + * * * + O'n 

for any positive a’s. Thus we may replace a n by a n + (1/On+i) and obtain 


Pn -2 + ( a n + — ) Pn-l Pn + Pn-1 

_ \ g n + 1 / = a n +1 ^ 

Qn—2 + f a n + - ) <?n-l q n + - q n - 1 

\ a n +i/ a n + 1 


PiM-l 

2«+l 


, 1 11 

= ai + - — -- • 

a 2 + * • * + a n + a n+ i 

Therefore Eq. (272) is true for all positive n and a’s. In particular, Eq. 
(266) is true. Further, from Eq. (269), we obtain 


VN = 


Pn -2 + [A n + - ) P n -1 p 

_ _\_ Q^n+l/ _ _ *-n —1 


+ QLn+l Pn 


Qn —1 4“ &n -{-1 Qn 


Qn —2 + ( A n + - ) Q n - 1 

\ ««+l/ 

and, from Eq. (267), 

V^(P» ~ CnQ.-l ~ P„Qn) = NQ n ~ C n P n- 1 ~ PnP«- 
But is irrational, so: 

Pn — PnQn-l + B n Q n , 

NQn = CnPn-! + P«Pn • 


(273) 


(274) 


These combine to yield 

Pn - NQ n 2 = C n (P n Q n -l 


Pn-lQn) , 


and from Eq. (271) we prove Eq. (259). 

It is easy to show that the right side of Eq. (265) converges to the left 
side, for from Eqs. (273) and (271) we also obtain 


£ - Vn = (-iy 


Qni^Qn —1 ~f” OLn+1 Qn) 


(275) 


Since Q n increases without bound the convergents converge to \/N in 
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an alternating manner: 


— > Vn > Eb+i . 
Qs* V Q*+i 


We have shown that the algorithm yields a convergent, periodic, con¬ 
tinued fraction for VN, and, if ( — 1 ) n C n = 1, we have a solution of 
Eq. (243). These fractions were used by Fermat, Frenicle, Wallis and 
BrounOker to obtain solutions. No one prior to Lagrange, however, (except 
possibly Fermat), proved that such an n always existed. We have seen 
that the algorithm implies the Lemma, and this implies a solution: x — 
Ny 2 = 1. Therefore 



and 






(276) 


Now any rational number 6/a > 1 may be expanded into a finite con¬ 
tinued fraction as on page 12. We have 

6,11 1 

- = <7oH-, — , , — 

a qi + q<i + • • * + q n 

where the q’s are given by Euclid's Algorithm on page 9. Further q n > 1, 
and, at our option, we may also write 


6 , 1 
- = qo + — . 
O' qi + 


1 


+ (q n - 1) + 1 
Using one or the other, x/y can be written 


x ,1 

- = ai + — 

y 02 + 


with n even. If z is defined by 


Vn = «i + - , 

02 + 

we have, analogous to Eq. (275), 

X nrj _ 1 

y y(y' + zy) 


1 


^ 1 

+ a n + z 


(277) 


z + y - 


(278) 
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where y' is the denominator of the next to the last convergent of Eq. 
(277). Therefore 0 < y'/y < 1, and comparing Eqs. (278) and (276) 
we find z > 1. Then, by Eq. (264), a* = Ai and x/y is a convergent P n /Q n • 
It follows that every solution of Eq. (243) is given by the algorithm. 

Exercise 136. Solve 61 — a 2 + b 2 and x 2 — 6ly 2 = — 1 by the algorithm. 
Solve x — 61y 2 = +1; compare page 172. Obtain the representation of 
\/6L 

Exercise 137. Let n be the smallest positive index for which C n — 1. 
From Eqs. (261), (260), etc. show B n = B n+i — Ai and A n+ 1 = 2A X . 
The representation may be written 


VN = A . + },}, 

Ai + Ai + 


Jl i. 

+ An + Al + ’ 


(279) 


and the period p(N) = n. The sequence of T’s is 

A t , A 2 , A s ■ ■ ■ A n , 2Ai , As , As ,■■■ A„ , 2Ai , etc. 
Exercise 138. The representation, Eq. (279), is always symmetric: 


VN = As + 


Ai + As + 


+ A 


■^ + t , + Ti+ Vn- (280) 


To prove Eq. (280), show that one may replace -y/N by — \/N in Eq. 
(279). Then solve for the lower radical in terms of the upper. Alternatively, 
use Eqs. (279) and (273) to derive 


P n = AiQn + Qn_ 1 . 


Then, with Eq. (282) below, show that 

^ = + 1. 

Qn A n + A n -1 + * * * + A<l 

Exercise 139. Show that if one runs the indices backwards one obtains 


and 


A n + 


1 

A n —1 


1 1_ 
+ A n -2 + * * * + Al 



A n + 


1 

A n —i 


1^ 

+ • • • + A 2 


Qn 
Qn —1 


Exercise 140. 


(281) 

(282) 


Ai + —- 

A 2 + 


1 


1 


1 


1 


+ A 2 


+ A m + A m+ i + A m + A m _i + 

_ P m-f 1 Qm + P m Qm—1 

Qm(Qm -1 + Qm+l) 


(283) 
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, j_ j_ 2- = Pm Qm ± 9^=} 

A 2 + * * * + A m + A m + * • * + A.2 Qm + Qm- 1 


(284) 


Exercise 141. Use one of the results of the previous exercise as a short¬ 
cut in solving x 2 — 61 y = —1. What do you note about the P’s and Q’s 
used, in relation to the 61 = a 2 + b 2 of Exercise 136? 

Exercise 142. From Eq. (273) and the periodicity of the A’s rederive 
the recurrence relations, Eq. (246). 

Exercise 143. There are infinitely many solutions of x — 34 y — M for 
M =*= +2 and —9, but none for M = — 1. 

Exercise 144. If N = 1 (mod 4) and prime, and the smallest solution 
of Eq. (243) is xi + y/Nyi , then 

Ml = and = l/^lr (285) 

are integers and ui + y/Nv i is the smallest solution of u — Nv 2 — —1. 

Exercise 145. If N = 2k + 1 is prime, the period p(N) of y/N is even 
or odd according as k is odd or even. 

Exercise 146. If N = 1 (mod 4) and prime, and if p(N) = 2k — 1, then 


N = B k 2 + Cu\ 


(286) 


Exercise 147. If N is an odd prime, and N\s 2 + 1 with 0 < s < JW, 
write 


N . 1 1 

— = ai + — —• 

S 02 + * * * + 0,2n 

by Euclid’s Algorithm. Then the a’s are symmetric and 

N = pi -1 + Pn- 

For example: 1429|620 2 + 1. 

1429 _ 2 ,1 1 1 1 1 1 1 

620 '3 + 3 + 1 + 1 + 3 + 3 + 2’ 


(287) 


p% _ 23 pi _ 30 
qz ~ 10’ qi ~ 13’ 


1429 = 23 2 + 30 2 


Exercise 148. Conversely, if an odd prime A is a sum of two squares, 
consider its representation by Eq. (287). Then expand by Euclid’s 
Algorithm: 

Pn _ , 1 1 

- a n +i -r- . . — • 

Pn—1 a n+ 2 + • • • + a2n 
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If the next to the last convergent is u/v and s = up n + vp n -i , then 0 < 
s < N, and N\s 2 + 1. 

Exercise 149. In Exercise 147 it is not necessary to complete Euclid's 
Algorithm in order to determine n. The largest numerator < \/N is p n . 

Exercise 150. 


p(N) < 2N. (288) 

Exercise 151. 



_ N + B n fi n . 

Bn + A 


(289) 


Exercise 152. If x n + \ZNy n is the nth solution of Eq. (243), then the 
2nth solution is given by Newton’s Algorithm for taking square roots: 



if the right side is in its lowest terms. 


+ 


N 

Xn/y n _ 


(290) 


62. From Archimedes to Lucas 
From 

/— 1 . 1 1 1 1 

^ + 1 + 2 + 1 + 2 + ••• 


we obtain the approximations PJQn : 


n 

1 

2 

3 

4 

5 

6 

Pn 

n 

2 

5 

7 

19 

26 

Qn 

H 

1 

3 

4 

11 

15 

n 

7 

8 

9 

10 

11 

12 

Pn 

mm 

97 

265 

362 

989 

1351 

Qn 

B 

56 

153 

209 

571 

780 


Archimedes’ approximations on page 140 are those for n = 12 and 9. Our 
gear ratio on page 173 is 

P is _ 70226 _ 26 37 73 
Qxs 40545 15 51 53 9 

and we note that the first factor on the right is Pq/Qg . This is not an iso¬ 
lated result, for we shall prove 
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Theorem 78. Far all positive n, r, and s, 

Qn\Qrn > Pn |-P(2«+l)n • (291) 

It will be convenient in such investigations to introduce two new se¬ 
quences. From Theorem 77 we obtain 

P 2 „± V3&n= (Pi± V3Q 2 ) n = (2± V3)". (292) 

This implies 

P2n+2 = 2P 2 n + 3<? 2n , (?2n+2 = P 2 n + 2Q 2n . (293) 

But since A in + 2 = 1 for all n, we also have, from Eqs. (257) and (258), 

P2n+2 = Pin T" Pi n+1 , Q 2 n+2 = Qin Qin+\ ■ 

Then, from Eq. (293), we obtain the odd-order convergents: 

Pin+l — Pin 3 Qin , Q 2 n+1 — Pin Qin 


or 


P 2 n+1 ± V3Qi n+l ( 294 ) 

= (P 2n ± v^Qi.)(i ± VS) = (2 ± \/3) n (i ± VS). 

Now (1 ± V3) 2 = 2(2 ± VS), and Eqs. (292) and (294) may be 
written 

2 n (P 2 n ± V3Q 2 „) = (1 ± V3) 2b , 

2”(P 2 n + l ± V^Qin+l) = (1 ± V^) 2B+ '. 

Using the square bracket 1 j = n, we therefore have, for 

all m, 


If we now define 


2 ls] (P>» ± \/3Qm) = (1 ± VS) m - 


T-l T-l 

2 2 P n = t n , 2 l2J Q n = t^ n , 


(295) 


(296) 


we have 

± \/3u n = (1 db \/3) • (297) 

By this definition we override the pulsing character of P n + \/3Qn—due 
to the period, p( 3) — 2—and may transfer our investigation to the smooth 
sequence t n + y/%u n instead. For, if we can factor t n and u n , we can also 
factor P n and Q n by Eq. (296). 
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From Eq. (297) we obtain at once some useful identities: 


tn+m — t n tm “1" 3 U n U m , 

Un+m U n t m "j~ Umfcn • 

Then 

hn = tn + 3 Un, 

U2n 2u n tn . 

Since (1 + y/3) n (l — y/3) n = (—2) n , we have 

tm - VSu m = (1 - VS) m = (—2)^(1 + \/3)“ m . 

Therefore 


( 298 ) 


(299) 


(tm ~ V3U m )(t n + \/3 Un) = (~2) W (1 + V3) 
and, if m < n, 

( 2) U n ~m ~ U n tm U m t n , 

( 2) t n —m ~ tntm 3u n U m > 

while, if m = n, 

(—2) n = C - 3u n 2 - 

Now we can give the 

Proof of Theorem 78. From Eq. (298), if m = rn, we see that u n \u rn 
implies u n \u {r +i)n • By induction, u n \Um for all positive r. Now t n \u 2n by 
Eq. (299), and therefore, by what has just been proven, t n \U 2 Sn - Thus, if 
m = 2sn, we see from Eq. (298) that t n \hs+i)n . Then Eq. (291) follows 
from Eq. (296) directly if Q n , or P n , respectively, is odd. To determine 
their divisibility by powers of 2, we obtain from Eq. (298), with m = 4, 
and from Eq. (296), 


(300) 

(301) 


Pn +4 = 7 P n + 12Q n 
Qn+4 =7Q n + 4P n . 

It follows, by induction, that P w is divisible by 2, but not by 4, and all 
other P n are odd. Likewise Q n is even only for n ~ 4k. From Eqs. (299) 
and (296) we have 

Qik = 2P 2 kQ,2k • 

It follows, by induction, that for k > 1 and n = 2*(2s + 1), Q n is di¬ 
visible by 2 k but not by 2 k+1 . 

Thus Eq. (291) is true for all n. 
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Corollary. If Q n is a prime , then n is a prime . 

We find that Q 3 , Q 5 , Qi , Qn , and Qi 3 = 2131 are indeed primes. But 
q 17 4 = 67*443. Qig = 110771 is again prime. This corollary, the numerical 
behavior (6 primes and one composite), and the exponential growth of the 
Q n are all reminiscent of M n — 2 n — 1 . Since, from Eqs. (296) and (297), 
we have 

n (1 + \/3) n — (1 — \/3) n (30°) 

“ - 2V5-2'- 1 *- <3 ° ’ 

and see that their formulas are somewhat similar. Let us pursue this 
analogy. 

From Theorem 35, on page 72, if m > 1 and odd, and if m\2* — 1, and 
if e is the smallest positive x such that m\2 x — 1, then e\f. The analogous 
result is 

Theorem 79. If m > 1 and odd , and if m\Q f , and if Q e is the smallest posi¬ 
tive Q n which m divides , then e\f. 

Froof. Assume the contrary, and let f — qe + r with 0 < r < e. Con¬ 
sider Eq. (300) with n = /, m = r. Then 

( 2') T Uqg —'■ Uftr Ujif • 

Since m divides Q e , it divides Q qe and therefore u qe . Likewise m\u f , and 
thus m\u r tf . Then, since (tf , m) = 1 by Eq. (301), m\u T , and m\Q r . Since 
this contradicts the definition of e, we have r = 0 and e\f. 

Now we investigate the analogue of FermaVs Theorem . Let p be an odd 
prime, and, using the binomial theorem, we expand 


u± VS) P = i±f 






Then 


+ 


p(v - 1)- • -2 „c^-i)/2 
1 • 2 • • • (p - 1 ) 


± 3 


P/2 


t P = |[(1 + V3V+ (1 - V3) p ] 


1 4- ~ O 

" r 1-2 


3 + ••• + 


p(p — 1 ) • •-2 
1 - 2 ---(p - 1 ) 


^(p-D/2 


But every term except the first is divisible by p , since these binomial co¬ 
efficients are integers, and the factors in their denominators are <p. 
Therefore 


t p = 1 (mod p). 


(303) 
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Similarly 

u v = 2 ^/g ^(1 ~ ^ ~ V / 3) J> ] 

= l + P(P Z-jKP ~ 2 ) . 3 + ... + 3 ( p - i)/2 


By Euler’s Criterion, 3 


(p-i) n 


-(f) 


u v 


(mod p). Therefore 


(mod p). 


(304) 


Now we use Eq. (300) with n = p, m = 1, and, since ti = u x = 1, 
we have 


—i — if p Wp — 1 


(mod p). 


(305) 


By Theorem 20, = 1 if p = 12m zb 1. Therefore for primes 

we do get a “Fermat Theorem,” since p\2u p ^ , and therefore p\Q p ~i. For 
the remaining primes ^ 2 or 3 we have = —1. But from Eq. (298) 
we find 


u p+ i = u p + t p = 1 + (mod p). 


(306) 


Together with Eqs. (305), (304), and Theorem 79 we have thus proven 
Theorem 80. If p is an odd prime , 

P\Qp, P|Qp-i, or p\Qp+i 

according asp = 3, 12m zb 1, or 12 m zb 5. Further if p\Q e and e is the smallest 
such positive index , 

o = 3, e\p — 1, or e\p + 1 

respectively. 

Next we investigate the analogue of Euler's Criterion. From Eqs. (299) 
and (301) 

6 u n 2 = 4 „ - (— 2 ) n . 

If n = (p zt l)/2 we use Eqs. (298) and (300) to obtain 
— 12 M(p_ 1)/2 = t p - 3u p + 2( — 2) (p ~ 1)n ) 

6m( p+ i )/2 = t p + 3 u p - (— 2) (3>+1)/2 . 
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Thus 

— 12w(p_d/2 = 1 - 3 (|) + 2 (r~) 

= 1 + 3 0) + 2 

We evaluate the Legendre Symbols—say from the table of J on page 

47—and find: 


If 

p = 24m + 1 or 11, 

ui P - d/2 == 0 

(mod p). 

If 

p — 24 m + 13 or 23, 

3t4p-l)/2 = 1 

(mod p). 

If 

p = 24m + 5 or 7, 

3z4 p+ d/2 = — 2 

(mod p) 

If 

p = 24m + 17 or 19, 

^(p+l)/2 = 0 

(mod p). 


(mod p), 
(mod p). 

/ — n\ 


(307) 


In the first and last case p\u (pT i) ,2 . In the two middle cases, since p\u^ d /2 , 
while from Theorem 80, p|u pT i, we see, from u 2n = 2 u„t n , that p|f (**«/* ■ 
We have therefore proven 

Theorem 81. Assume p prime . T/ien 


P\Q(p-l)H 

if 

p = 24 m + 1, 11, 

P\P(p-l)/2 

if 

p = 24m + 13, 23, 

P\P (p+D/2 

if 

p — 24m + 5, 7, 

P\Q(p+l)/i 

if 

p — 24 m + 17, 19. 


(308) 


These and similar results have been obtained by Lucas and by D. H. 
Lehmer. 

Exercise 153. 


P P - 




(mod p ). 


Exercise 154. For n = p or p zL 1 , P n = either ±1 or ±2, Q n — either 
0 or d=l (mod p). 

Exercise 155. Every prime Q n except Qz = 3 ends in the digit 1. 


63. The Lucas Criterion 

With the third case in Theorem 81 we have obtained that which we sought 
at the end of the last chapter. We analyzed Pepin’s Theorem 55 there, and 
found that this test succeeded as a necessary and sufficient criterion for 
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the primality of the Fermat number F m because, in 

F m \(3 (Fm ~ 1)/2 + 1)(3 ( ^- 1)/2 - 1), 

F m divides only the first factor on the right, and also F m — 1 is a power of 2. 
For M p we have instead M v + 1 as a power of 2. While Euler’s Criterion 
is therefore useless our new “Euler Criterion” yields 

Theorem 82 (Lucas Criterion). A necessary and sufficient condition that 
M p > 3 is prime is 

M p \P (Afp+i) /2. (309) 

This test may be carried out efficiently as follows. Let Si = 4, /S 2 = 14, • • • , 
S n +i = S n — 2. Then the condition becomes 

M p \Sp-i , (310) 

or, using residue arithmetic , 

S P - 1=0 ( modM p ). (310a) 

Examples : 

7 = M 3 \P 4 = 7 31 = M 5 |P 16 = 18817. 

To test Mi — 127 we use Eq. (310a) and arithmetic modulo 127. Then 

Si = 4, S 2 = 14, $ 3 = 67, S 4 = 42, S 5 = 111, $ 6 = 0 (mod 127). 

For such a small M p this test requires more arithmetic then Fermat’s f p and 
Euler’s e p on page 22. But consider M 6 1 . Then e 6 i implies about a million 
divisions—and also a table of primes of the forms 488& + 1 and 488& + 367 
out to 1.5 billion. However, Eq. (310a) requires only about 60 multiplica¬ 
tions, 60 subtractions, and 60 divisions. Arithmetically speaking, a Lucas 
test for Mei is comparable with an Euler test for , and a Cataldi test 
for M 19 . 

Proof of Theorem 82. If n = 2m + 1, M n = 2 n — 1 = 7 (mod 24) 
by induction, since M z = 7 and 

4(7 + 1) - 1 s 7 (mod 24). 

If Mp is prime for p = 2m + 1 we have Eqs. (309) by (308). Conversely, 
assume Eq. (309) and suppose a prime q divides M p . Then q\P(M p +i )/2 and 
<?|2 (m p +d/2 . Since w 2s — 2 u 8 t s we obtain 

Q\Qm p +i- 

Let e be the smallest positive integer where q\Q e . By Theorem 79 

el Mp + 1 = 2 P . 
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If e < 2 P we have e\2 p ~ 1 , and, by Theorem 78, 

q\Qw-i ~ Q(m p -h)/ 2 - 

This cannot be, since q\P { M,+v)n , and (P,, Q.) = 1 for every s, since 
P, 2 - 3 Qs =1 or -2. 

Therefore e = 2 P . But, by Theorem 80, the index e for any odd q satisfies 
e £ q+ 1. Then M p = 2 P — 1 g q. Since q\M p , we have q = M p , that 
is, is a prime. 

Finally, since P 2 + y/ZQ* is the smallest solution of x — 3y 2 = 1, we 
have 

p 2m = Pm + 3 Qj = 2 Pj - 1 

for any even m, by Eq. (292). If we define S n = 2P 2 n we therefore have 
S x = 2ft = 4, and S n+1 = S n 2 - 2. Since (M p + l)/2 = 2*~\ Eq. (310) 
is equivalent to Eq. (309). 

We now give a brief account of the Mersenne numbers after Euler. There 
were then eight known Mersenne primes, the Greek primes: 

M 2 = 3, M z = 7, M 5 = 31, M 7 = 127; (311) 

the medieval Mi 3 = 8191; and the modern Mn , M i9 , and M n . Mersenne 
stated in 1644 that for 31 ^ p ^ 257 there were only four such primes, 
M 31 , M 67 , M 127 , and M 25 7 . While Euler had verified M 31 the remaining 
three were beyond his technique. There now ensued a pause of over a 
century.* 

In 1876 E. A. Lucas used a test which is related to Theorem 82 and is 
described below. He found that M 67 is composite and Mm is prime. With 
one or another of these Lucas-Lehmer criteria, and with extensive compu¬ 
tations by hand or desk computers, all doubtful M p were settled by the 
year 1947 for 31 < p S 257. It was found that 

M 6 i , M 89 , Miot , and Mm 

are prime while the other M v including M 257 are composite. 

Th$ arithmetic necessary for a Lucas test of M p is roughly proportional 
to p\ since that in the multiplication of two n digit numbers is proportional 


* P6ter Barlow, in the article “Perfect Number” in A New Mathematical and 
Philosophical Dictionary (London, 1814), says “Euler ascertained that 2 31 ~ 1 = 
2147483647 is a prime number; and this is the greatest at present known to be such, 
and consequently the last of the above perfect numbers, which depends upon this, 
is the greatest perfect number known at present, and probably the greatest that 
ever vyill be discovered; for as they are merely curious, without being useful, it is 
not likely that any person will attempt to find one beyond it.” 



196 Solved and Unsolved Problems in Number Theory 

to n 2 . It is clear, then, that it becomes prohibitive to go much beyond 
p — 257 without a high-speed computer. The Lucas prime Mm therefore 
remained the largest known prime for three-quarters of a century. Further, 
a test of Catalan’s conjecture was not possible. On the basis of Eq. (311), 
Euler’s Mzi , and Lucas’s Mm , Catalan had “conjectured” that if P = M p 
is a prime then M P is prime. If this were true, Conjecture 2 (and therefore 
Conjecture 1 also) would follow at once. But, for instance, is M mx = M Mlz 
a prime? 

A. M. Turing in 1951 utilized the electronic computer at Manchester, 
England to test Mersenne numbers, but obtained no new primes. In 1952 
Robinson used the SWAC in California and found five new primes: 

M&l y Mqo7 , Mj279 , ^2203 , -^2281 • 

There are no others for 127 < p < 2309. In 1953 Wheeler used the ILLIAC 
and proved that M 8m is composite. The computation took 100 hours! 
Although it cannot be said that Catalan’s conjecture was nipped in the 
bud, it was definitely nipped. It reminds one of the English philosopher 
Herbert Spencer, of whom it was said that his idea of a tragedy was “a 
theory killed by fact.” In 1957 Riesel used the Swedish machine BESK to 
show that if 2300 < p < 3300 there is only one more Mersenne prime, 
A /3217 • Finally, in 1961, Hurwitz used an IBM 7090 to show that for 
3300 < p < 5000 there are two more Mersenne primes, M 42 53 and M 4423 • 
The first of these is the first known prime to possess more than 1000 digits 
in its decimal expansion, while the twentieth known perfect number, 

P 20 = 2 4422 ( 2 4423 - 1), 
is a substantial number of 2663 digits. 

Exercise 156. The reduction of S n 2 modulo M p is facilitated by binary 
arithmetic. For let S n modulo M p be squared and equal Q2 P + R. If, there¬ 
fore, R is the lower p bits of the square and Q is the upper p bits, then 
S 2 = Q + R (mod M p ). Or, if the right side here is >M P , then S 2 = 
Q + R — M p . Thus the Lucas test requires no division if done in binary. 

Exercise 157. (For those who know computer programming.) Estimate 
the computation time—say on an IBM 7090—to do a Lucas test on M 8 m . 
(For those who have used desk computers.) Estimate the computation 
time—using residue arithmetic on a desk computer—to verify the following 
the following counter-example of Catalan’s conjecture: 

1 + 120 Miq \M jif 19 


that is, 


2 2 ' 9 = 2 (mod 62914441). 
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64. A Probability Argument 

The Lucas test of M 4423 on an IBM 7090 took about 50 minutes. It is 
clear that once again we are up against current limits of theory and tech¬ 
nology. Suppose one had a computer 1,000 times as fast. Then one could 
test an M v for p about 50000 in about one hour. However, there are about 
10 times as many primes to be tested in each new decade, so that one would 
really want a computer 10,000 times as fast to do a systematic study out 
to p & 50000. 

How many new Mersenne primes can be reasonably expected for 5000 < 
p < 50000? A related question is this: Why do we call it Conjecture 2? 
Surely 20 Mersenne primes do not constitute “some serious evidence.” 

The answer is suggested by the prime number theorem: 


7T 



dn 

log n ’ 


One can give a probability interpretation of this relation. However, it is 
not rigorous mathematics. The probability that an n chosen at random is 
prime is 1/log n. The heuristic argument goes as follows. Consider an 
interval of positive integers, M — JAM ^ ra ^ M + JAM, with AM small 
compared with M, but large compared with log M. Then the number of 
primes in this interval we estimate by 

pM+hbM 

/ dm /log m. 


By the mean-value theorem this integral equals AM/iog (M + e) for a 
small e. Thus the ratio of the number of primes to the number of integers 
here, which we call the probability, we may estimate as 1/log M. 

Suppose now the Mersenne numbers M p are tentatively considered num¬ 
bers “chosen at random.” Since log M p ^ p log 2 the probable number of 
Mersenne primes M p for p n S P ik p™, would then be estimated by 

i Pm 1 

p = — !]-. 

log 2 tr v 

The series on the right can be shown to be divergent, so that by choosing 
p m large enough the probable number P could be made arbitrarily large. 
Now, in fact, the error in our assumption can only reinforce this conclusion. 
The “unrandomness” of the M p is all in the direction of greater tendency 
towards primality. Thus q\M p if q < 2p + 1. Again, any divisor of M p is 
of the forms 2 pk + 1 and 8k ± 1, and all M p are prime to each other. 
Everything we know suggests that our assumption errs on the conserva¬ 
tive side. 
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Were such a “random” assumption valid it would follow, from the 

known rate of divergence of £ i, that if M Pi are the successive Mersenne 

primes, then log p» would grow exponentially. Empirically, the sequence 
Pi = 2, 3, 5, 7, 13, 17, 19, 31, 01, 89, 107, 127, 521, 607, 1279, 2203, 2281, 
3217, 4253, 4423 suggests a slower, linear growth of log p,. A reasonable 
guess is that there are about 5 new prime M p for 5000 < p < 50000. 

We know much larger composite M p than prime M P . For example, as 
on page 29, is composite. Primes of such a size are completely 

inaccessible to us with our current theory and technology. The Lucas test, 
when done in binary, appears so simple (see Exercise 156) that it may be 
hoped that one could penetrate more deeply into its meaning, and thereby 
effect the next breakthrough. Alternatively, however, it is also conceivable 
that one could obtain a (metamathematical ?) proof that the number of 
elementary arithmetic operations here is the minimum needed to decide the 
primality of M p . But, to date, neither of these things has been done, and 
it is an Open Question which is the more likely. 

Exercise 158. Give a heuristic argument in favor of infinitely many 
Wieferich Squares, p \2 P ~ 1 — 1. On the other hand, “explain” their rarity. 


65. Fibonacci Numbers and the Original Lucas Test 

Why do we single out \/3 as a basis for a test; can we not use y/b, say, 
instead? The answer is that the original Lucas test did use \/5, via the 
so-called Fibonacci numbers. 

Consider the continued fraction 


-ii 1 1 1 

* + 1 + 1 + 1 + 


Since x = 1 + (1/x), or x — x + 1, we have 

x = i(l ± VE), 

but since x > 0 we must take the + sign. The corresponding convergents 
to (1 + \/5)/2 are 


1 2 3 5 8 13 21 34 
1 ’1*2’3 s 5’ 8 ’ 13’21’ * 

The denominators (call them U n ) are the Fibonacci numbers. They are 
clearly definable by 

Ui ~ U 2 = 1, Un+l ~ U n + U n -1 • (312) 

The numerators are U n + 1 , and we have 

+ VS). 


(313) 
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It can be shown, by induction, that 

<**> 

The analogue of Theorem 80 is 
Theorem 83. If p is an odd prime , 

p\Up j p\U p —i , or p\Up+i 

according as p = 5, 10m ± 1, or 10m =L 3. Further , t/ p\U e , und e is 
smallest such positive index , 

e = 5, e|p — 1, or e|p + 1 

respectively . 

The original Lucas test was based on this Fermat-type theorem for \/5. 
If M =t= 10m - 3, and [/*,+!, but AfjE/ d for every divisor d of M + 1, 
it may be shown that M is a prime. Since 

2* — 1 = —3 (mod 10), 

providing p = 3 (mod 4), the test is suitable for one-half of the Mersenne 
numbers, including M& and M X21 , but not M 257 • By computing U 2 v- 1 and 
J/ 2 P modulo M p one can determine the primality of the latter if p s 3 
(mod 4). 

Lucas then modified this procedure into an Euler Criterion—type test 
as in Theorem 82. Let 

Vi = 1, V 2 = 3, V n+1 - V n + 7 n _!. (315) 

Then 

Vn = (~ + 2- ^ )" + ( ! "2^ )” = I/2 ’ ,/f7n • 

If = V 2 n , then it may be shown that 

Pi = 3, = 2. 

It follows, if p = 3 (mod 4), that M p is a prime if and only if 

Mp\R p —i . 

Therefore Eq. (310) in Theorem 82 is also valid if we set &i = 3 instead 
of 4, but only if p m 3 (mod 4). 

The difference between \/3 and as the basis of a test therefore comes 
to this—all Mp are of the form 12m + 7, while some are of the form 10m + 1, 
and others are of the form 10m + 7. Another reflection of this difference is 
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that all even perfect numbers, except the first, end in 4 when written in the 
base 12, but they end in 6 or 8 in decimal. 

Exercise 159. Prove the results stated in this section. More generally, 
let Xi + y/Nyi be the smallest solution of x — Ny 2 = 4. Let Si = x x and 
examine the sequence S n +x = S n 2 - 2. Note that x = z + (1 /z) where 
z = h(x + s/Ny). Specifically examine N = 3, 5, and 6, and develop a 
Lucas test based on S x = 10. Why can't \/2 be used as the basis of a 
Lucas test? Relate this to the fact that the \/2 exists in —specifically, 

(2 (j>+i)/ 2)2 s 2 (mod M p ). 

Exercise 160. Use Eq. (232) with N = 1 and a + bi = cos 6 + i sin 6 
to derive the trigonometric addition laws for cos (6 =L <£), etc. Interpret 
Eq. (244) as a generalized De Moivre’s Theorem. Interpret the vectors 
(Xi , yi) of Theorem 77 as an infinite cyclic group under the operation de¬ 
termined by Eq. (244). Reduce these vectors modulo a prime p and discuss 
the corresponding finite cyclic groups. 

Exercise 161. (Lucas's Converse of Fermat's Theorem.) If m\a m ~ l — 1, 
and m\a — 1 for every divisor d of m — 1 which is <m — 1, then m is 
prime. 



SUPPLEMENTARY COMMENTS, THEOREMS, 
AND EXERCISES 


We utilize this section to tie down some loose ends developed in the 
foregoing three chapters, and also to give some further comments and 
exercises of interest in their own right. These results could have been in¬ 
cluded earlier, in the appropriate sections, but it seemed better not to 
attenuate the main argument. The 40 exercises which are given follow the 
order of the corresponding topics in the text. 

Exercise IS. On page 15 we noted a gap of 209 between successive 
primes. Show that there exist arbitrarily large gaps by considering the 
sequence ml + k with k = 2, 3, ... , m for a large value of m (Lucas). 

Exercise 2S. A less tricky, but also less simple proof of the foregoing 
result may be obtained by assuming the existence of a largest possible gap 
m, and showing that a consequence of this is contradicted by the Prime 
Number Theorem. 

Exercise 3S. With reference to Conjecture 5, page 30, consider the 
sequence: 


cii +1 = 2 a,i + 1 , 

with a,i — 89. Then 01 , 02 = 179, a 3 = 359, a 4 = 719, a 5 = 1439, and 
a 6 = 2879 are all primes. But show that in any such sequence, regardless 
of the starting value m , the a* cannot all be prime. In fact, infinitely many 
a» must be composite. 

Exercise 4S. (“Aus der ballistichen Zahlentheorie”) 

Two missiles, m and M 2 , are moving parallel to the x axis, and, at time 
t = 0 , they pass each other in the following kinematic attitudes: 

Xi ( 0 ) = x 2 ( 0 ) = 0 


±1 ( 0 ) = x 2 ( 0 ) = 1 


Xi ( 0 ) = x 2 ( 0 ) - - 1 . 

Hi has a sharp nose and many control surfaces, and therefore is decelerated 
by a skin-friction drag force which is proportional to its velocity. M 2 , a 
much older model (circa 1850), has a blunt nose and no control surfaces, 


201 



202 Solved and Unsolved Problems in Number Theory 


and therefore is decelerated by an air-inertia drag force which is propor¬ 
tional to the square of its velocity. 


_ ^1 ( 0 _ 3^2 ( Q 


is the mean relative velocity, and is an analytic function of t. Show that the 
initial value of its n’th derivative, that is 



is an integer if and only if n + 1 is a prime. 

Exercise 5S. Consider the seven sets of four residue classes b modulo 24 
in the table on page 47. Omitting the residue 1 the remaining residues may 
be diagrammed as follows: 



Six of the seven sets are shown as straight lines through three points. But 
the seventh set, n + 1, is represented by the dotted line. 

This would appear to give special roles to the form n + 1 and the res¬ 
idue class in the center, 23 = — 1 (mod 24). But a priori no residue class in 
91124 except 1, and no subgroup of order 4, has a special role. Show, in fact, 
that any of the seven n 2 + a may be given this “special role,” and any b 
not on it may be placed in the center. There are thus 28 such diagrams. 

But is there a configuration of seven straight lines and seven points, with 
each line on three points, and three lines through each point, so that we 
could draw a diagram with no n + a in a “special role”? 

Exercise 6S. Show that Conjecture 12 x , on page 48, implies that 

Pi (N) ~ P 4 (N). 

Compare with the empirical data. 
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Exercise 7S. Let N be written in decimal: 

N = a n 10 n + a n - 1 10 n 1 + ... + a x 10 + ao. 

Let the sum of the digits be 

S N = O'n + Cln-1 + + dl + GO 

and the alternating sum and difference be 

D n — a n — a n -i + ... + ( —l) n no • 

Using residue algebra prove the divisibility criteria: 

3 |N > 3|Sjv , 

9|2V <—> 9\Sjff , 

11 \N <-> 11\D N . 

Exercise 8S. (Gauss, Reciprocals, and Fermat’s Theorem) On pages 
53—54 we indicated that Gauss independently discovered Fermat’s Theorem 
from his studies, as a boy, of a table of reciprocals. Let us put ourselves in 
his place and reconstruct his discovery. Gauss computed a table of recipro¬ 
cals 1/m out tom = 1000. If p(m) designates the period of 1/m in decimal, 
the period for all m < 100, and prime to 10, is given in the following table: 


PERIOD OF 1/m IN DECIMAL 



Now, being Gauss, the reader at once notes: p(m) < m always; p(m) = 
m — 1 only if m is prime; but p(m) m — 1 for every prime m; however, 
if p(m) 5* m — 1 for some prime m, then p(m) \m — 1 for that prime; and 
this implies m|10 w_1 — 1 for every prime m other than 2 and 5. 

Now prove this “conjecture” by noting, first, that the significance of the 
p(m) = m — 1, for some prime m, is, that during the division involving 
p(m) digits, each remainder r (that is, residue of 10 n ), from r = 1 to 
r = rn — 1 , occurs exactly once. If p(m) = e < m — 1 for some prime m, 
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& different remainders occur. If a is not one of these, a/m also has a period 
of e and these e remainders are all distinct from the foregoing. By continua¬ 
tion, and exhausting all possible remainders other than zero, e\m — 1. But 
the base 10 plays no essential role in the argument so that, for any prime 
m, (a, m) = 1 implies m\a m ~ l - 1 or a” -1 = 1 (mod m). 

Now, reader, relinquish your role as Gauss, resume that of a student and 
verify that Gauss’s proof of Fermat’s Theorem, in his book Disquisitones 
Arithmeticae, is essentially that which we have just reconstructed, and 
further, with a slight abstraction, this is the classic proof of Lagrange’s 
Theorem (Exercise 71 on page 86) given in any book on group theory. 

Note that whether one is led to Fermat’s Theorem via the perfect num¬ 
bers, or via periodic decimals, the problem does not initially concern 
itself with the concept of primality. The concept asserts itself, and enters 
the problem whether the investigator wishes it or not. 

Exercise 9S. Let p be prime and p/a. If p = 1 (mod 4), a and —a are 
both quadratic residues of p, or neither is. If p = —1 (mod 4), exactly 
one of the two, a or —a, is a quadratic residue of p. 

Exercise 10S. In Exercise 34, page 47, we saw that any value 
a = 1, ±2, ±3, or ±6 is a quadratic residue for one-half of the primes, 

and a quadratic nonresidue for one-half of the primes. Investigate this 
problem for all a. Start with any a = (— 1) <p ~ 1)/2 p, where p is an odd prime, 
such as a = —3, +5, —7, —11, +13, etc. Use Theorem 30 on page 63, 
and the Quadratic Reciprocity Law in the form preferred by Gauss: 

(“)-(!)• 

and let q be a prime of the form kp + b. Now let a = (— where 

If is a product of distinct odd primes, and use Theorem 33 and its Corollary. 
Then let a be the negative of the foregoing, with q of the form k (4 M) + b. 
Introduce a factor of 2 with q = k (8.1/) + b, and finally introduce any 
square factor. 

Exercise 11 S. Generalize the ideas in Theorem 33 to obtain the famous 
Chinese Remainder Theorem. Consider n moduli wi,- prime to each other: 

(mi , ray) = 1 (iy^j). 

Then the set of congruential equations: 

x = d (mod m { ) (i = 1, 2 ,..., n ) (317) 

has a unique solution x modulo the product M = mi • m 2 ... m n . The solution 
may be obtained from the inverses: 

M V 1 
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6# formula 

x = XI a,i — Ci (mod M). (319) 

z=1 7Tli 

As an example find the four square roots of unity modulo 2047 = 23*89 
by solving all four cases of 

jx = ±1 (mod 23) 

\x = dbl (mod 89). 

Further, two solutions of x 2 - 2 = 14 (mod 2047) are obviously x = ±4. 
Find two others. 

Exercise 12S. Investigate the parallelism between the proofs of Theo¬ 
rems 34 and 36, both of which are due to Gauss. But also consider the 
significant difference whereby the <t>(d) solutions x in the former theorem are 
given explicitly, while the <j>(d) residue classes of order d in the latter are 
shown to exist nonconstructively. 

Exercise 13S. If g is a primitive root of p, a prime of the form 4m + 1> 
then so is p — g a primitive root of p. 

Exercise I4S. Show that the two proofs of the “if” part of Wilson's 
Theorem, that by Dirichlet, equation (52), and that of Exercise 54, page 
74, are not as unrelated as they seem at first. 

For the classical trick of summing s = n to write the same sum 

backwards and associate integers with a common sum , thus: 

s = 1 + 2 + • • • + (p — 2) + (p — 1) 

s = (p — 1) + (p - 2) + (p - 3) + * • • + 1 _ 

2s = (p — 1) + (p — 1) + (p — 1) + * * * + (p ” 1) + (p — 1) * 

On the other hand Dirichlet’s proof associates integers with a common 

product , and one proof is a logarithmic version of the other. 

As an aside the reader may note that the same “classical trick,” ab¬ 
stractly speaking, is also at the foundation of Euclidean metric geometry. 
Euclid's I, 34 states that the diagonal of a parallelogram divides it into 
two equal parts: 


The parallel postulate comes in at I, 29, and the reader may verify, in the 
diagram on page 129, that all further consequences of I, 29 leading up to 
the Pythagorean Theorem utilize this I, 34. 
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Exercise loS. A student, S. Ullom, notes in the diagram on page 75, 
that if we take differences modulo 17 we get the cyclic group again, rotated 
through a certain angle: 


2 



Prove that this property holds for every prime p and primitive root g. 

Exercise 16S. In the definition of subgroup on page 83 it is redundant 
to stipulate that the set contains the identity. Further, if the group is 
finite, it is also redundant to stipulate the presence of every inverse. A sub¬ 
set of a finite group therefore is a subgroup of that group if it merely 
satisfies the closure postulate, (A) on page 60. 

Exercise 17S. Ullom asks if the converse of Theorem 41 on page 85 is 
true. If all the squares in a group have an equal number of square roots 
is the group necessarily Abelian? Answer by A. Sinkov, no. There exists a 
non-Abelian group of order p 3 for every odd prime p wherein each element 
has one square root. 

Exercise 18S. If 3flX w 3their cycle graphs may be drawn so that 
that they look alike, i.e., they may be superimposed. Show that the con¬ 
verse is true; if they look alike, they are isomorphic. 

Exercise 19S. To prove the criterion for the three-dimensionality of the 
cycle graphs of certain arc* given on page 97 proceed as follows. First, 
note in 3nx 63 the configuration involving the 3 square roots of unity other 
than 1, namely, 62,8, and 55, and any three of the quadratic residues other 
than 1, say, 4, 25, and 37: 



62 
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This portion (sub-graph) of the cycle graph is already three-dimensional 
(nonplanar). To see this, let us attempt to place these six residue classes 
in a plane and connect them without any crossing lines. First draw 



The path shown is a so-called Jordan Curve, and by the Jordan Curve 
Theorem, which see, the third quadratic residue can topologically go into 
only two places, the “inside” or the “outside.” Any two points in the 
inside may be connected by a continuous arc lying wholly within the in¬ 
side. Similarly for the outside. But if one point in the inside is joined to a 
point in the outside the connecting arc must cross the Jordan Curve. 
Choose the inside for the residue class 37 and connect to 8 and 62: 



Now, by the Jordan Curve Theorem, we have three options for locating 
55. Complete the proof that this sub-graph is nonplanar. 

Since it is nonplanar it is clear that completion of the cycle graph, by 
adding other residue classes and lines, cannot undo this property, and there¬ 
fore 9TC63 is also nonplanar. 

Finally show that if has at least two characteristic factors, f r and 
fr-i , which are not powers of 2 the cycle graph of 3f VL m must contain a sub¬ 
graph similar to the foregoing and therefore JTlm is three-dimensional. 

Exercise 20S. If, as on page 97, 

= <2°> • <2> • • ■ <2®> • <2 'N> 

for some odd N S 1, and likewise if 

= <2°> • <2 b > • • • <2’> • <2‘AT> 
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with the same characteristic factors except for the last, prove that the 
cycle graphs of and 3H m / may be drawn so that the latter will contain 
N' lobes of the same structure as the N lobes in the former. 

Exercise 21S. If N = 1 in the previous exercise we may say is one- 
lobed. Examples illustrated on pages 87-91 are arris, 3Tl 16 , am 2 4 , 2^4, 3TC 8 5, and 
31196. Gauss proved that an m-sided regular polygon may be constructed 
with a ruler and compass if, and only if, m is a power of two times a product 
of distinct Fermat primes. An m-sided regular polygon is therefore so 
constructable if, and only if, is one-lobed. 

Exercise 22S. Prove the statement on page 98 that a cycle graph which 
contains four lobes of {2*2} does not represent a group since it implies a 
violation of the associative law. 

Exercise 23S. On page 102 we indicated that the computations for ob¬ 
taining the representation of 3Tt w from the primitive roots of the corre¬ 
sponding primes were indicated explicitly in the proof of Theorem 44, 
However, on page 99, only one of the two, h or h + p, was proven to be a 
primitive root of p k , Jc > 1. Remove this tentative feature by showing, first, 
that if 

hn = h + np , (n = 0 , 1 , 2, ... p - 1 ) 

the p values of hi 1 modulo p are all incongruent and exactly one of them, 
say h m , satisfies hZ =1 (mod p 2 ). Now solve for m and give an explicit 
formula for h m +i . The latter is a primitive root of p k for all k > 0. 

Exercise 24S. If the fallacious result in Exercise 80 on page 102 were 
true, it would follow from Exercise 79 that if 3 is primitive root of 487, it 
would not be a primitive root of 487 2 . But show by computations like those 
on page 102 that 3 is a primitive root of both 487 and 487 2 . 

Exercise 25S. There are infinitely many primes of the form 12 k — 1. 

Exercise 26S. The integer 2047 is a fermatian but not a Carmichael 
number. If (a, 2047) = 1, the probability that a 2046 = 1 (mod 2047) is 

Exercise 27S. Prove Theorem 57 on page 138 without explicit reference 
to unique factorization. For if (c, a) = g, let c - Cg, a = Ag, and utilize 
(A,C) = 1. 

Exercise 28S. Attempt to prove Theorem 63 on page 150 for the 
Gaussian integers. These are the algebraic integers in the field k(e 2irili )— see 
page 152. If you succeed, try also /c(e 2irt/3 ), and if you succeed here attempt 
to prove Conjecture 16 for the exponent 3. See page 152. 

Exercise 29S. Attempt to prove Theorem 68 on page 162 by elemen¬ 
tary means. Alternatively, investigate the elliptic theta functions and 
attempt to rederive Jacobi’s proof mentioned on page 165. 



Supplementary Comments , Theorems , and Exercises 209 


Exercise 30S. Attempt to prove Theorem 75 on page 168. 

Exercise 31S. (Euler’s Identity) Unlike the result of Diophantus on 
page 159 for sums of two squares, m = a 2 + b 2 + e and n = e + / + <7 
do not imply that mn = / + k 2 + 2 2 . Find a counter-example. Derive from 
the vector algebra on page 169 the true relation: 

tf + i' + M + f + t) (320) 

= (ae + hf + eg) 2 + (bg — c/) 2 + (ce — ag) 2 + (a/ — be) 2 . 

But for four squares we again have a result analogous to that for two 
squares, for show that the last equation is a special case of Euler's Identity : 

(a 2 + b 2 + e 2 + d 2 )(e 2 + f + g 2 + h 2 ) 

= (ae + bf + eg + d/i) 2 + (af — be + ch — dg) 2 (321) 

+ (ag — bh — ce + df) 2 + (ah + bg — cf — de) 2 . 

With reference to a textbook of modern algebra examine the parallelism 
between Diophantus’s Identity and complex numbers on the one hand, 
and Euler’s Identity and quaternions on the other. 

Exercise 32S. (A false start on Theorem 61) In view of Euler’s Identity 
in the previous exercise, if 

p — w + x + y + z 

for every prime p, the Fermat-Lagrange Four-Square Theorem on page 
143 would follow by induction. Now, by Theorems 60 and 72, 

p = a + b 2 + 0 2 + 0 2 , 

or p = a 2 + b 2 + b 2 + 0 2 

for all primes except those of the form 8 k + 7. Of the latter one-half are of 
the form 

p = a 2 + b 2 + b 2 + b 2 

by Exercise 129. Now attempt to express at least some of the remaining 
primes in the form 

a 2 + b 2 + (2bf + 0 2 or a + b 2 + b 2 + (2b) 2 

by use of Theorem 75. The attempt fails. 

Exercise 33S. (Lagrange’s Four-Square Theorem) A proof of Theorem 
61 is known which is remarkably like that of Theorem 60 on page 159. 
There are small differences, due first, to the fact that Theorem 60 applies 
only to primes = 1 (mod 4) while Theorem 61 applies to all primes, and 
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second, because 4(£) 2 = 1, while 2(|) 2 < 1. We first prove the 
Lemma. For every prime p there is a q Q such that 1 ^ q 0 < p and 

PQo — cto + bo 2 + Co 2 + do 2 . (322) 

For p = 2 this is obvious, and for p = 1 (mod 4) we proceed as on page 
159 with Co = do = 0. For p = — 1 (mod 4) let a be the smallest positive 
quadratic nonresidue of p. Then a — 1 and p — a are both quadratic 
residues; and, by adding these, find an a 0 and b 0 such that 

PQo — ao -f- b 0 2 -j- l 2 + 0 2 

with § 0 < p. 

If q 0 is even in (322), 0, 2, or 4 of the integers there, a 0 , b 0 , c 0 , and do , 
are even. By associating integers of the same parity, and renaming them if 
necessary, show that 

»- * (§•)=(h*)'+(^ y+c-^y+c^y- 

But if g 0 is odd proceed as in equation (217), page 159, etc., using the 
identity of Euler instead of that of Diophantus, and thereby obtain a qi less 
than g 0 • Now complete the proof, again using (321). 

The foregoing proof of the Lemma uses ( — l|p) = ( —1)* for both 
classes of odd primes, p — 2P + 1 = ±1 (mod 4). A different proof uses 
the Box Principle on the p + 1 residue classes 

x and — 1 — x 

with 0 S x ^ P. Then show that 

Xi = — 1 — xf (mod p) 

for at least one i and j, and thus that 

pqo = Xi 2 + x 2 + l 2 + 0 2 

for a = P • 

Exercise 34S. (Waring’s Conjecture) The integer 7 = 4+ l + l + l 
cannot be expressed as a sum of fewer than 4 squares. Similarly prove 
that 

23 = 8 + 8+1 + 1 + 1 + 14-1 + 1 + 1 

and 

79 = 4-16 + 15-1 

cannot be written as a sum of fewer than 9 positive cubes, and 19 bi- 
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quadrates* respectively. Verify the generalization stated by one of Euler’s 
sons that if 

3 fc = 2 k qic + n with 0 < r k < 2 k , (323) 

then the integer 2 k q k — 1 cannot be written as a sum of fewer than I(k ) 
positive /c’th powers where 

I(k) = 2 k + q k - 2 = 2 k + - 2. (324) 

Waring had earlier implied that every positive integer is the sum of I(k) 
non-negative k ’th powers. 

A great deal of modern work in this direction has succeeded in “nearly” 
proving Waring’s Conjecture. Hilbert proved that for every positive k 
there is a smallest g{k) such that 

g(k) 

n — ^v x m 

771=1 

for every positive n , with non-negative x m . But he did not show that 
g(k) — I(k ), nor even give it an upper bound. 

Wieferich proved that g(3) = 7(3) = 9, and Pillai proved that < 7 ( 6 ) 
= 7(6) = 73. Dickson and Niven proved that if 

r k ^2 k -q k , (325) 

and k ^ 7, then g(k) = I(k). Verify (325) for 1 g k ^ 10. It is now con¬ 
jectured that (325) is true for all positive k, and, if this were true, Waring’s 
Conjecture would be proven for every k except 4 and 5. If (325) is false 
for some k, and if f k = [(£)*], Dickson showed that, for that k, 

g(k) = 7(/c) + f k , 

or g(k) = 7(fc) +/* - 1, 

according as 2 k = f k q k + f k + q k or 2 k < f k q k + fk + Qk . Verify that 
f k q k + f k + Qk — 2 k > —1 and therefore one of these two conditions must 
hold. In these cases, if any such exist, Waring’s Conjecture would be 
false. 

With reference to the ideas suggested by the cycle graph for 9 TC 6 4 , show 
that, if k ^ 3, 

r* g 2 k - 5. 

Estimate by heuristic probability considerations the probability that 
* Biquadrate means fourth power. 
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(325) is violated for a particular fc. Therefore show that the odds would 
favor the truth of Waring’s Conjecture for all k ^ 10 . 

There remain the hardest cases, k = 5 and k — 4. Dickson showed that 

1(5) - 37 ^ ff(5) ^ 54, 

and Chandler showed that 

7(4) = 19 ^ 0(4) g 35. 

It is curious that the easiest exponent for Fermat’s Conjecture, namely, 
4, is the hardest exponent for Waring’s. Nonetheless the earliest and 
simplest result, due to Liouville, is for this exponent, and like the same 
exponent in Theorem 62 it utilized the theory for the exponent 2 . 

Liouville showed that 0 ( 4 ) | 53, that is 

53 

n = Z* m 4 . 

m=l 

Let n = 60 + r, and, using the Four-Square Theorem, 
n — 6 a 2 + 65 2 + 6 c 2 + 6d 2 + r. 

Again use this theorem on a, b , c, and d so that 

( 4 \2 / 8 \2 / 12 \2 / 16 \2 

£ Xij + 6 ^£ Xij + 6 ^£ x 2 j + 6 ^£ x 2 j + r, 
where r = 0, 1, 2, 3, 4, or 5. Now Liouville uses the identity: 

6 ^£ x t 2 ^ = (xi + X 2) 4 + (#i — X 2 Y + ( X\ + Xz) A + ( X\ — x 3 ) 

+ (a* + x 4 y + (xt - x 4 y + (x 2 + x 3 y + (* 2 - * 3 ) 4 (326) 

+ ( X2 + ^ 4) 4 + (X2 — X 4) 4 + (x 3 + ^4 ) 4 + (x 3 — X4) 4 . 

Verify this identity and the proof follows at once. 

When Liouville’s recipe is applied to n — 79 we get exactly 19 positive 
biquadrates, not 53. We get, in fact, the representation on page 210. 

The reader who wishes to pursue these problems will find a vast litera¬ 
ture. There is not only the extensive analytic theory (due to Dickson 
et al) mentioned above, but Waring’s Problem has also been extended to 
algebraic numbers by C. L. Siegel et al. There is also the so-called “easier” 
Waring’s Problem. Note that if we allow negative integers, 23 is the sum 
of only 5 cubes: 


23 = 3 3 + (-1) 3 + (-1) 3 + (-1) 3 + (-1) 3 
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More generally, a representation in the form 

n = dr 

i 

is allowed in this “easier” Problem (E. M. Wright et al). 

Show that, with this new degree of freedom, the 4 squares necessary in 
Lagrange’s Theorem may always be reduced to 3, e.g.: 

28 = 14 2 - 13 2 + l 2 . 

More generally, a representation as a sum and/or difference of three 
squares is also possible for those algebraic integers which may be written 
as a sum and/or difference of any number of squares (R. M. Stemmier). 
Examine the Gaussian integers and show that not all of them are repre¬ 
sentable as a sum and/or difference of squares. 

Exercise 35S. (Theorem 76 for N = —2, see page 171) 

Theorem 76j Let n = db 1 (mod 8) and be > 1. If n is prime , n = a 2 — 2 b 2 
in a unique way in positive integers a and b such that b ^ s/nf 2. Further 
(a, b) = 1. Conversely , if n = a 2 — 26 2 in a unique way in non-negative 
integers with b g y/n/2, and if (a, b) = 1, then n is prime. 

First show, for any positive n, that if n — a 2 — 2b 2 , and if a > y/2n, we 
also have n — a 2 — 2b 2 with 

= 3a — 46, 

6i = 36 — 2a, 

andO < ai < a . For the smallest a > 0 we therefore must have a g y/2 n, 
and 6 ^ y/n/2 follows. 

Show uniqueness, for n prime, somewhat as on page 160 with Eq. (232) 
instead of (215). From the analogue of Eqs. (222) and (223), and the in¬ 
equalities for a and 6, obtain a contradiction with a solution of 

a 2 — 26 2 = 1 

having 0 < 6 < 2. 

Finally, one must prove the converse. 

Further, for n prime, if x and y are obtained from Thue’s Theorem, as 
in the proof of Theorem 74 on page 166, show that 2y — x = a and 
y — x = 6 give the unique solution indicated in the above theorem. From 

-M v = 1 - 2(2 (p_1>/2 ) 2 

obtain a solution of 

M p = a 2 — 26 2 


with 6 < y/Mp/2. Find such a representation for M^ and two such for Mu . 
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Develop a result analogous to Theorem 76i for a 2 — 36 2 . 

Exercise 36S. Using heuristic probability considerations similar to 
those used for Mersenne numbers on page 197 argue that there are only a 
finite number of Fermat primes as is suggested on page 80. Why is the 
argument less convincing in this case? 

Exercise 37S. Obtain the constant (35a) for Conjecture 7 by a prob¬ 
ability argument. If the probability of n + 2 being a prime were inde¬ 
pendent of the probability of n being a prime, we could assign l/(log n) 2 
as the probability that both are prime. But if n > 2, prime, and therefore 
if 2 \n, we automatically have 2 \n + 2. We therefore (tentatively) 
correct the probability to 2/(log n) 2 since on this ground, if n is known to 
be prime, n + 2 now has twice the probability. But, again, if n > 3, prime, 
and therefore 3 \n, n + 2 has 1 chance in 2 of being divisible by 3, not 1 
chance in 3. We again correct to 

1 

2 1 
1 (logn) 2 * 

3 

By continuation, obtain (35a), and by integration obtain the conjectured 
asymptote in (35). 

For large N it is known that the agreement in (35) is good. Thus D. H. 
Lehmer finds Z(37-10 6 ) = 183728, while the right side of (35) for 
N = 37•10 6 is 183582. •••. 

Exercise 38S. If Z ik) (N) is the number of pairs of primes of the form 
n — k and n + kiorn + k^N, advance an argument to show that 

Z i2 \N) ~ Z (1) (W), 


1 - 

2 - 

1 - 


but 

Z m (N) ~ 2 Z a) (N). 

Exercise 39S. Develop a strong conjecture which bears the same rela¬ 
tion to Conjecture 4 as Conjecture 7 does to Conjecture 6. Using the 
datum Z(1000) = 35 estimate the number of M p , with p < 1000, for 
which 2 p + 1| M p . Compare with the list on page 28. 

Exercise 40S. (Lucas Sequences) From page 199 the Si = 4 in Theo¬ 
rem 82 may be replaced by Si = 3 for one-half of the M p . But in Exercise 
159 it develops that Si = 10, like Si = 4, is valid for every M p . Show 
that besides Si = 4, and Si = 10, there are infinitely many such universal 
starters. For instance 52 is one such, and if x is one, so is x(x 2 — 3). Hint: 
Note, on page 188, that 4 = 2 P 2 while 52 = 2 P G . 
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Study the transformation 

*< + i - *; 2 - 2 (327) 

acting upon every residue class modulo a prime M p . For Ms verify the 
following diagrams: 



Here the -> means application of the transformation (327). 

Now note the following: 52 = — 10 (mod Ms ). The repeated applica¬ 
tion of the transformation 

Xi+i = Xi{xi — 3) (328) 

to any of the 8 possible starters in the top row of the main pattern gives 
a cyclic sequence of period 8 which runs through these 8 starters. Applica¬ 
tion of (328) to the second row gives the second row in a cycle of period 
4, etc. Omitting the residues 0 and ±2 all 5 — 3) of the remaining 

residues in the main pattern satisfy ( —^while the J(M 5 — 3) 

(x - 4\ 

residues in the spiral patterns satisfy ( ^ 1 = + 1. 

Develop a general theory for all prime M v , proving the main theorems, 
if you can. 




CHAPTER IV 


PROGRESS 


66. Chapter I Fifteen Years Later 

First, read the Preface to the Second Edition. Square brackets below 
indicate references: [1]—[34] are the annotated references of the first 
edition, while [35]—[154] have been added for this chapter. 

There has been work on Open Question 1, page 2. In [35] Hagis shows 
that no odd perfect number is less than 10®°. His long, detailed 83-page 
notebook [36] has been carefully checked by his principal competitor 
Tuckerman, and so we must accept it as valid. In [37] Buxton and 
Elmore claim 10 200 , but I do not know that their proof has been 
similarly authenticated. 

Does this 10 50 bound change the status of Open Question 1 to that of 
a Conjecture? Not in my opinion; 10 50 is a long way from infinity and 
all we can conclude is that there is no small odd perfect number. In 
fact, of the 24 known even perfect numbers, only the first nine are 
smaller than 10 50 , so we cannot even state that P w = 2 88 M 89 « 1.9 • 10 53 
is the tenth perfect number. When one examines the elaborate [36] it 
certainly seems doubtful that anyone will overtake ^24 _ 2 19936 M 19937 « 
9.3 • lO 12002 by such methods. But Hagis himself graciously implies [38] 
that Tuckerman’s algorithm [39] may be more powerful than his. 

There has been work on the table of ‘rr(n), page 15. Lehmer’s ?r(10 10 ) 
listed there is correct as shown, although [3] erroneously gave it as 1 
larger. Bohman [40] worried about this discrepancy at length, but he 
then continued, using the same method, to compute 

w(10 n ) = 004118054813, 

^(lO 12 ) = 037607912018, 

tt(10 13 ) = 346065535898. 

The gap of 209 consecutive composites on page 15 is the largest gap 
[4] that occurs up to 37 million. Skipping over intermediate work, which 
is referenced in Brent’s [41], we find in [41] that the prime p = 


217 
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2614941710599 is followed by 651 composites and that all gaps that 
occur before p are smaller. Every possible gap 1, 3, 5,... up to 533 
occurs below p, and its first occurrence has been recorded. The evidence 
in [41] and elsewhere supports the conjecture that I gave in [42] and I 
now wish to add 

Conjecture 18. Let p(g) be the first prim# that follows a gap of g or 
more consecutive composites. If all gaps that occur earlier are smaller 
than g we call g a maximal gap , and we have the asymptotic law 

lo gp(g)~^H (329) 

as g -> oo. 

More general and stronger conjectures are discussed in [41] and in 
papers cited there. 

Section 10 made the point, like it or not, that the perfect numbers had 
a great influence in the development of number theory. Aliquot 
sequences are closely related to perfect numbers. One iterates the 
operation 

s(«) = a(n) - n, (330) 

where a(n) equals the sum of the positive divisors of n. See [43] for an 
introduction. If s(tc) = n, then n is perfect. Study of these sequences 
has surely been one of the causes of the many remarkable new develop¬ 
ments in primality theory and in factorization methods that have 
occurred in recent years. So we see the same forces acting before our 
very eyes (at a lower level, to be sure). The reason is clear: the perfect 
numbers (always) and the aliquot sequences (frequently) grow very 
rapidly, and if one is to handle them one is constantly forced to invent 
stronger and stronger methods. The sequences a " ± 1 are also related, 
and a project for factoring them has been another cause of these new 
developments. Their exponential growth creates the same situation and, 
as before, Necessity becomes the Mother of Invention. 

Now consider Conjecture 4 and Exercise 16 on page 29, and the 
answer to the latter on page 169. Exercise 39S calls for a stronger 
quantitative version of Conjecture 4, and we could also ask for a 
stronger modification of Exercise 16. The generalization was given in 
T441 and we call it 

Conjecture 19. Let f k (N) be the number of M p with p ± N that have a 
prime divisor d = 2kp + 1. Then 


( 331 ) 
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as N oo, where z(N) is the right side of (35) and the product above is 
taken over all odd primes q, if any, that divide k. 

In [44] the conjecture is stated in a stronger form: the order of the 
error term is given. The heuristic arguments and data given in [44] 
make Conjecture 19 very plausible. We return to it presently. 

Conjectures 6 and 7 about twin primes are truly key questions. The 
twin primes 140737488353700 ± 1 were the largest known to me in 1962 
but one of the new primality criteria alluded to above has yielded [45] 
the much larger pair 76 • 3 139 ± 1. These primes have 69 decimal digits 
but no doubt even larger pairs could be found by the same method. 
Brent [46] (see also [47], [48]) has counted the twins up to 10 11 and finds 

z(10 n ) = 224376048, 

so that we could now give one pair to every American. 

The evidence for Conjectures 6 and 7 is overwhelming, and although 
they remain unproved, interest has already shifted to the second-order 
term 

r 3 (N) = z(N) - z(N). (332) 


This difference oscillates [46, Fig. 3] around zero in an unpredictable 
way; it is not understood at all [48]. 

In his famous paper [49] that initiated sieve theory, Brun proved that 
the series 



(333) 


converges. The denominators here are the twin primes. The accurate 
computation of Brun’s constant B is a real challenge [50]. Assuming 
(35), Brent [46] estimates 


B = 1.9021604 ± 5 • 10 -7 . (334) 

This is probably correct, or nearly correct, but the unpredictable r 3 (N) 
makes it very difficult to obtain greater accuracy. While B is a well-de¬ 
fined real number, its evaluation to, say, 20 decimals would not only 
require a proof of Conjecture 7 but would require the understanding of 
r 3 (N) besides. 

For all primes, the analogous 



- 77 (N) 


can be expressed in terms of the complex zeros of the Riemann zeta 
function [51], That is bad enough, but for r 3 (N) we lack even that. 
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The generalization Z^ k \N) of Conjecture 7 referred to in Exercise 
38S, which counts the prime-pairs 

n - k , n + k (335) 

for n + k ^ N, had been examined in [4] for k = 1, 2,..., 70. The 
more difficult problem 

Pn + 1 ~ Vn = Zk (336) 

concerning consecutive primes has been impressively studied by Brent. 
In [41] he estimated the value of p n+1 , where (336) is first satisfied, and 
in [52] he estimated the number of solutions of (336) for p n+1 ^ N. His 
extensive empirical data convincingly agrees with the conjectures de¬ 
duced there from reasonable heuristic arguments. Of course, none of 
these conjectures was proved. 

Going beyond the linear polynomials (335) to Conjecture 12 x and the 
table on page 49, let us add [53] as another source of data on P a (N) 
besides the earlier [16]. For P^N) alone, that is, for primes of the form 
n 2 + 1, Wunderlich [54] has gone much further and we record his 

P^IO 6 ) = 54110 and P^IO 7 ) = 456362. 

As expected, they agree well with Conjecture 12. 

The Bateman-Horn Conjecture [34] is a most important generaliza¬ 
tion. Briefly (but see [34]), if 

hin),f 2 {n), ■ ■ ■ f k (n) (337) 

are k independent, irreducible polynomials in n, and if Q(N) is the 
number of n ^ N for which all of the k f^n) are simultaneously prime, 
then 

Q(N)~C r -~— k (338) 

J 2 (logttf 

as N oo, where C depends upon the array (337) and is given by a very 
slowly convergent product. 

The linear and quadratic cases above are all special cases of (337) and 
all other polynomials that have been studied, such as 

fi = + 1, f\ = fi? + 3, fi — v? + 1091, 

A = (n- l) 4 + 1, / 2 = (n + l) 4 + 1, 

etc. have given results consistent with (338). An accurate computation 
of the appropriate C is frequently difficult, but in [55] Davenport and 
Schinzel give a useful first approximation. Recently [56], Epstein zeta 
functions have been found to be very effective in computing many such 
constants C accurately. 
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Except for the single linear polynomial f x = an + b, with ( a , b ) = 1, 
where (338) reduces to the (28) in de la Vallee Poussin’s Theorem 16, no 
case of (338) has been proved. Nonetheless, one can be quite confident, 
for example, that although f 1 = n 4 + 2 has never been studied, one can 
now compute its C accurately (say, to 12 decimals) by Epstein zeta 
functions and would find that that C and k = 1 in (338) would ac¬ 
curately estimate its Q(N) for large N. 

An unusual result of Hensley and Richards may offer a different type 
of evidence. If the in (337) are all linear, and if we assume infinitely 
many fc-tuples of such primes for each suitable array (337), without 
requiring the stronger result (338), Hensley and Richards [57] show that 
for some integers x and y ^ 2 we have 

tt(x + y) > -n-(x) + w(y). (339) 

Since this contradicts a frequently suggested property of r(x), it would 
be desirable to find such a counter-example. There is none with x = y, 
since it was recently proved [57a] that it(2x) < 2it(x) if x ^ 11. While 
an example of (339) would certainly not prove the fc-tuple prime 
conjecture, it would at least verify a predicted but unexpected con¬ 
sequence. 

Goldbach’s Conjecture 8 has been verified [58] by Stein and Stein for 
all even numbers up to 10 8 . The historically important variant 

4m + 2 = p x + p 2 

with pj = p 2 = 1 (mod 4), which was mentioned on page 244, was also 
verified to the same limit if we allow p x = 1 for a few small n. Hardy 
and Littlewood [9] also gave a strong version of Conjecture 8. If P[2n) 
is the number of solutions of 

2n = p 1 + p 2 

then 

P(2n) ~ f (2 m) II ( ^-|), (340) 

in the notation of (331). This has been satisfactorily verified to n = 10 5 
in [59]. See also [60] for a different version. 

The extensive development of sieve methods since Brun’s time (cf. 

[61] ) has been largely directed towards the proofs of weakened conjec¬ 
tures. The result that is closest to (340) was obtained by Jing-run Chen 

[62] (cf. [61]). He showed that, for all n greater than some m 0 , the 
number of solutions of 

2m = p x + P 2 , 

where P 2 is the product of at most two primes, is greater than one-third 
of the right side of (340). 
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As this is being written, there has just appeared [63] a result of 
Pogorzelski which states “The Goldbach Conjecture is provable from 
the following: The Consistency Hypothesis, The Extended Wittgenstein 
Thesis, and Church's Thesis." It seems unlikely that (most) number-the¬ 
orists will accept this as a proof of Conjecture 8 but perhaps we should 
wait for the dust to settle before we attempt a final assessment. 

Schinzel [64] has generalized the strong Goldbach conjecture (340). 
This complements the Bateman-Horn conjecture and, although it has 
not been studied as extensively as the latter, there is no reason to think 
that it is not equally reliable. 

Finally, returning briefly to (331), we note that only for k = 1 is this 
contained in the Bateman-Horn Conjecture. For k = 3, 4, 5, 7,... (331) 
takes us into a new realm and thus suggests [44] that the Bateman- 
Horn conjecture can and should be generalized further. Also of interest 
in [44] is the speculation there that it may now be possible to prove 
Conjecture 3, which states that there are infinitely many Mersenne 
composites. Of all the conjectures in Section 12, Conjecture 3 is cer¬ 
tainly the hardest to doubt and perhaps the easiest to prove. It is 
embarrassing that none of the conjectures in Section 12 are yet proved 
and good strategy therefore suggests a serious attack on Conjecture 3. 

Exercise 162 (“Hard Times"). In the 4000 numbers fi(ri) = n e + 
1091, (n = 1 to 4000), there is only one prime. Identify it, and estimate 
the small constant C in (338) for this/^w); [65], [66]. 

67. Artin's Conjectures, II 

Artin’s Conjecture 13 remains as before: there is little doubt that it is 
true, but it has not been proved, not even for a single base a, including 
the values a = - 2, - 4, + 3 cited in Theorems 38-40. For a = 3 in 
Theorem 40, while many new factors have been found for various F m , 
[67], [68], [69] including the spectacular factorization 

F 7 = 59649589127497217 • 5704689200685129054721, 

not a single new prime F m has been found and perhaps there are none. 
Nonetheless, there is little doubt that Conjecture 13, and Conjecture 14 
also, are true for a = 3. 

But Conjecture 14 is not true, as it was stated, for all a =£b n with 
n > 1; in particular, it is false for a = 5. The heuristic argument for 
a = 2 on page 82 is sound, and it also applies to a = 3. But for a = 5 it 
is not sound; Artin has an oversight here and we have followed him too 
uncritically. Those p that have 5 as a quintic residue, i.e., those for 
which one has 5|G in the notation above, were deleted there by multi- 
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plying by the factor 



But these p are all = 1 (mod 5) and since (5|5Zc + 1) = + 1 by the 
Reciprocity Law, they also have 2 | G and we have already deleted them, 
with the factor 

H)- 

For a = 5, being a quintic residue is not independent of being a 
quadratic residue. That is the only erroneous factor for a = 5, and so 
we should expect 

v 5 (N)~™Ar(N) (341) 

instead of (117). Therefore, a = 5 should have a density of primitive 
roots that is about 5% higher. 

What is really embarrassing here is that it is just what one finds in 
Cunningham’s table on page 81! We accepted the high p 5 (10, 000) = 492 
there because it exceeded A7t(10,000) = 459.6 by less than 2V459 6 and 
by an imprecise probability estimate such an excess seems to be an 
acceptable fluctuation. If Cunningham had continued his table for 
a = 5 until N = 10 5 or 10 6 the error would certainly have become 
obvious. 

For the seven other a in Cunningham’s table, Conjecture 14 needs no 
change. But for a = 13, 17, 29, . . . or a = — 3, —7, —11,... , that is, 
for any prime = 1 (mod 4), we have the same coupling between 2\ G and 
|a| | G, and (341) generalizes to 

(842 > 

Had Cunningham computed the data for a = — 3, the fact that its 
density runs 20% higher than that for a = 2 and 3 would surely have 
exposed the error much earlier. 

D. H. and Emma Lehmer discovered and analyzed these errors in 
their aptly entitled paper “Heuristics, Anyone?” [70], where they did 
include data for a = — 3. For most small a the correction needed for 
(117), if any, is rather obvious; but the general case is somewhat 
complicated, and for brevity we refer the reader to Heilbronn’s for¬ 
mulation in [71, secs. 23, 24]. 
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Exercise 163. Show that for a = — 15 there is coupling between the 
cubic and quintic residues and therefore the conjecture should be 
y-w(N) ~ 94Ar(N)/95. 

Let us now record 

Conjecture 14 (Amended). If a is not — 1 or a square, then 

Va(N) ~ f a Air{N), (343) 

where f a is a rational number given by Heilbronn’s rules [71]. Fre¬ 
quently, e.g.,for a = - 6, —5, -4, —2, 2, 3, 6 ,f a is simply equal to 1. 

The next big development was that Hooley [72] proved Conjecture 14 
(Amended) conditionally. He showed that (343) follows if one assumes 
that the Riemann Hypothesis holds for certain Dedekind zeta functions. 
(Clearly, that implies that Conjecture 13 also follows under these 
conditions.) His proof goes well beyond our subject matter and we 
confine ourselves to one remark: Hooley’s bound for the error term 

k(JV)-/ 0 A^)l 

is rather large compared with the known empirical data. 

Baillie computed both sides of (343) for all a between -13 and +13 
inclusive and all N up to 33 • 10 6 . In my review [73] of this extensive 
table, I point out that 

kW - f.MN)\ (344) 

is valid for all a and N in this range. While we certainly do not know 
that (344) remains valid for larger N, this does seem to suggest that it 
may be possible to reduce Hooley’s error term, assuming, as before, all 
needed Riemann Hypotheses. 

An elementary variation [74] on (343) of interest is given by 
Definition 42. If g is a primitive root of p that satisfies 

g 2 = 1 + g (mod p), (345) 

we call g a Fibonacci primitive root. 

Since (345) implies 

g 3 = 9 + 9 2 > g 4 = g 2 + 9 3 , etc. (mod p), (346) 

the sequence g° = 1 , g 1 = g, g 2 , . . . , which would normally be com¬ 
puted by repeated multiplication by g (mod p) y can also be computed 
additively by (346). An example is g = 8 for p = 11, and we have 
g 2 = 1 + 8 = 9, g 3 = 8 + 9 = 6, etc. Now we state 
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Conjecture 20. If v F {N) is the number of prirms 5= N that have a 
Fibonacci primitive root , then 

^ (Ar) ~§ MN) (347) 

as N —> oo. 

It was suggested in [74] that Hooley’s conditional proof of (343) could 
probably be modified to be a conditional proof of (347), and this was 
recently done by Lenstra [75]. 

68. Cycle Graphs and Related Topics 

On page 84 we indicated that Wl n and W Tl+1 are isomorphic for n = 3, 

15, and 104. This sequence continues with n = 495, 975.For n < 

10 8 there are twenty-three examples, the last of which is n = 48615735 
(verify). It is not known whether the sequence is infinite, and that is 
also true of the much larger set of n for which <p(n) = <p(n + 1). The 
latter condition is necessary but not sufficient; for n < 10 8 there are 
306 examples [76]. 

The cycle graphs have proved to be useful when working with finite 
Abelian groups; and I have used them frequently in finding my way 
around an intricate structure [77, p. 852], in obtaining a wanted multi¬ 
plicative relation [78, p. 426], or in isolating some wanted subgroup [79]. 
Any two Abelian groups that have superimposable cycle graphs are 
isomorphic, as in Exercise 18S. That is true for any groups, Abelian or 
not, that are of order < 16; but for order 16 one can display an Abelian 
and a non-Abelian group that have the same (abstract) cycle graph [80]. 
The non-Abelian one gives a nicer example for Exercise 17S, since its 
two square elements each have eight square roots. There is a second 
pair of such nonisomorphic look-alike groups among the fourteen 
groups of order 16. 

Cyclic groups have such a simple structure that one is surprised when 
they yield an important new application. In many problems, one wants 
and needs a very efficient solution of 

x 2 = a (mod p). (348) 

If p = 4 m + 3, the answer is Va =a m+1 , as in Exercise 47. But 
suppose p = 8 m + 5 or (harder) p = 8m + 1. The importance of (348) 
was obvious to Gauss [81, p. 373] and to his best English expositor 
Mathews [82, p. 53] but neither came up with a particularly efficient 
method. Sometimes an efficient method is absolutely essential. In [77, p. 
847] I am analyzing a certain subgroup and must solve (348) for 
p = (2 61 + 3) 2 — 8, a prime of 37 digits. Unless the algorithm is highly 
efficient, that is impossible. But when one analyzes the location of a in 
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the cyclic group Wl p , a very efficient algorithm is not difficult to 
construct. For brevity, the reader is referred to [83, sec. 5]. 

Gauss’s book finally got translated into English [84] but unfor¬ 
tunately the translation was not the best possible [84a]. The German 
edition, which contains considerable additional material, has been re¬ 
printed [81]. 

This year (1977) Gauss is 200 years old and I am much tempted to 
have a longish section discussing him, his work, and even his errors. But 
we have more pressing topics and for brevity we’ll move on. 

69. Pseudoprimes and Primality 

What we called a fermatian in Definition 32 is usually called a 
2 -pseudoprime in the literature. Let us write 

Definition 43. If 

a n-i = i (mod n), (349) 

n is called an a-pseudoprime whether it is composite or not. We 
abbreviate this as a-psp. Let C a (N) be the number of composite a-psp 
not exceeding N. If 

a (n- 1)/2 = {a\n) (mod n), (350) 

where (a|n) is computed as if n were prime, n is called an Euler a-psp; 
we let E a (N) be the number of these that are composite. Let c(N ) be 
the number of Carmichael numbers. 

Poulet’s [23] dates from the pre-computer age and has many errors. 
Our table on page 117 reflects all the corrections known at the time of 
our first edition, but further errors have been found subsequently [85], 
[86], Sam Wagstaff has now gone much further, and Poulet’s table 
should be retired. We show an excerpt from Wagstaff’s data [87]. I 
have included the ratio C 2 ( N ) / (N ) from our inequality (156), 
E 2 (N ) as far as I computed it on an HP-65, and S 2 (N) (which is defined 
later). 


N 

C 2 (N) 

c 2 (N)/v*W 

E^N) 

sm 

c(N) 

10 3 

3 

0.231 

1 

0 

1 

10 4 

22 

0.628 

12 

5 

7 

10 5 

78 

0.796 

35 

16 

16 

10 6 

245 

0.874 

112 

46 

43 

10 7 

750 

0.920 

— 

162 

105 

10 8 

2057 

0.857 

— 

488 

255 

10 9 

5597 

0.785 

— 

1282 

646 

10 10 

14885 

0.698 

— 

3291 

1547 
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Note that (156) remains valid in this much extended range; 
C 2 (N)/yMN) has maxima near N = 3 • 10 6 and 11 • 10 6 that are 
< 1, and it then falls steadily. The earlier (156) suggested Conjecture 
15, but that conclusion had already been proved by Erdos [88]. We have 

Theorem 84 (formerly Conjecture 15). Almost all 2-pseudoprimes are 
prime. 

Erdos proved that 

C 2 (N)e^ N)1/4/3 /N is bounded. (351) 

Therefore 

(C 2 (N)logN)/N 

must approach 0, and the theorem is proved. 

But (351) clearly does not prove the much stronger (156) and, in fact, 
Erdos has repeatedly conjectured (cf. [89]) that C 2 (N)/N 1 ~ e and even 
c(N)/N 1 ~ c will i ncreas e without bound for every positive e. If he is 
correct, C 2 (N)/^f tt(N) will stop decreasing at some N and then will 
increase without bound. What is that N1 

The matter is of interest. If a 40-digit n is a 2-psp, and if (156) holds, 
the probability that n is composite is less than 10 ~ 19 . But if 
c 2 (N)/Van) increases without bound starting at some unknown N, 
we lose that estimate. Erdos’s “conjecture” remains controversial; it is 
not a conjecture as we defined it on page 2. 

John Self ridge [87] has improved the subject with his 

Definition 44. If n = t • 2 s + 1 with t odd, n is a strong a-psp if 
a 1 = ±1 (mod n) or 

a t2r = - 1 (mod n) 

for some positive r < s. Let S a (N) be the number of composite strong 
a-psp that do not exceed N. 

Note that when one computes a*' 1 (mod n ) one first computes a 1 
(mod n ) and then squares this residue s times. Any x that we thus 
encounter which satisfies x 2 = 1 must equal ± 1 if n is a strong a-psp 
just as it does if n is a prime. 

Exercise 164 (Selfridge). If n is a strong a-psp it is also an Euler 
a-psp. The two concepts are equivalent if n = 3 (mod 4) but not if 
n = 1 (mod 4). 

Self ridge and Wagstaff have found that 

N x = 2047 = 23 - 89 
is the first composite strong 2-psp, that 

N 2 = 1373653 = 829 • 1657 
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is the first composite strong a-psp for both a = 2 and 8, that 
N s = 25326001 = 2251 • 11251 
is the first for a = 2, 3 and 5, and that 

N 4 = 3215031751 = 151 • 751 • 28351 

is the only composite strong a-psp for a = 2, 3, 5 and 7 that does not 
exceed 25 • 10 9 . 

Exercise 165. Show that N 4 is a Carmichael number. Show that N 4 is 
a strong a-psp for a = 2, 3, 5, and 7 but not for a = 11 simply by 
showing that 



is true for a = 2, 3, 5 and 7, but not for 11. 

Exercise 166. Examine the cycle graph of the subgroup C 4 x C 8 in 
3 Vt N . If (a, N 2 ) = 1, the probability that N 2 is an a-psp is 16/32; the 
probability that it is an Euler a-psp is 8/32 and the probability that it is 
a strong a-psp is 6/32. N 2 is an Euler 67-psp but not a strong 67-psp. 

Our table of C 2 (N), etc. suggests several questions, all of which are 
open. We note that E 2 {N)/C 2 (N) is running a little less than 1/2, but 
we do not know what happens as N oo. (We should emphasize that 
this ratio is an average: for n = 1 (mod 8) alone the fraction is much 
larger.) It is probable, but unproved, that c(N)/C a (N) 0. It is plausi¬ 
ble, but unproved, that S a (N)/C a (N) 0 very slowly, say as (log 
logiV)- 1 . 

In contrast with Erdos's C 2 (iV)/iV 1_€ , even C 2 (N)/log N has not 
been shown to increase without bound. Nonetheless, we list 

Conjecture 21. The ratio C a (N)/N 1/2 ~ e increases without bound for 
all a and any positive e. 

For consider the numbers 

n(m) = (12m 4- l)(24m + 1), (352) 

where both factors on the right are prime. Then n( 3) is the 10th 
composite 2-psp on page 117 and w(69) gives Selfridge's N 2 above. Since 
(2|24m + 1) = (3|24ra + 1) = 1, Theorems 44 and 46 show that each 
n(m) is a 2-psp and a 3-psp. How many such n(m) are there < N't 

Exercise 167. Adapt the heuristic argument in Exercise 37S to these 
n(m). Then the desired number should be asymptotic to 

1.3203 V2N / (log Nf, (353) 

where the coefficient is that in (35a). Show that the 25th number in 
(352) is w(213) and N = n(213) in (353) gives 25.14. Show that the 50th 
number is n(519), and now (353) gives 49.84. Not bad. 
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Additional 3-psp are generated by 

n'(m) = (12 m + 7)(24m + 13), 

and clearly these are not 2-psp. 

For every a, 

n a (m) = (Gam + l)(12am + 1) 

is both an a-psp and a 3-psp, so that there is little doubt that Conjecture 
21 is true. 

If (156) remains true (or nearly true) as N -+ oo, (353) shows that 
C 2 (N) is neatly trapped between VN /log 2 N and VN / Vlog N . 
However, there is insufficient evidence to designate (156) a conjecture, 
and we are aware of Erdos’s opinion. Numbers at infinity are quite 
different from those that we see down here: the average number of 
their prime divisors increases as log log N and, while that increases 
very slowly, it increases without bound. People say that Erdos under¬ 
stands these numbers. We do note that the Erdos construction [89] that 
is said to yield so many Carmichael numbers is decidely peculiar in that 
they all are products of primes r i for which each r { — 1 is square-free. 
That is most untypical of the known Carmichael numbers; among the 
first 300 only three have that character, namely: 

67 - 331-463, 23 • 43 • 131 • 859, 131 • 571 • 1871. 

All told, we regard the Erdos conjecture as an (unlisted) Open Question. 

The n in (352) are not Carmichael numbers, since n is not an a-psp for 
any a that satisfies (a|24m + 1) = — 1. The numbers 

n(m) = (6m -I- l)(12m + l)(18m + 1) 
are all Carmichael numbers if the three factors are prime, since 

n(m) — 1 = 36m(36m 2 ■+■ 11m + 1). 

Therefore, [90, p. 199] although it remains unproved that there are 
infinitely many Carmichael numbers, there is little doubt that c(N) 
increases at least as fast as CN 1/s /( log IV) 3 for some constant C. 

The Wieferich Squares (page 116) are much rarer; for p < 3 • 10 9 
there are still only the old examples of Meissner and Beeger [91]. 

As we indicated above, primality and factorization theory have 
advanced greatly in recent years. An exposition would require a whole 
book, and we merely give some key references here. If n is a strong 
a-psp for a = 2, 3, 5 and 7, then n is a prime if it is < 25 • 10 9 and 
¥= N 4 . But this is based on Wagstaff’s table, which required much 
computer time and is therefore not extendable to very large n. 

As an example, consider c 937 in Theorem 58. It arises in the analysis of 
a certain simple group [92] and it is essential there that it be prime. But 
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c 937 has 359 decimal digits and it surely would have defied all tech¬ 
niques known prior to the recent developments. A sketch of its primal- 
ity proof is in [92, sec. 4]. The key reference is [93], an important paper 
of Brillhart, Lehmer and Selfridge. To be very brief, this combines 
generalizations of our Exercise 161 on page 200 and of our Theorem 82. 
It uses known factors of both n - 1 and n + 1, together with a bound 
B such that n ± 1 have no other prime divisors < B, and combines all 
this into a powerful primality criterion for n. This has been imple¬ 
mented in computer programs and it is now routine to prove primality 
for large primes of, say, 50 digits. Our c 937 is much larger, but its 
algebraic source (172) greatly assists us in factoring c 937 ± 1, and that 
suffices. 

Besides the references in [93], which includes Pocklington, Robinson, 
Morrison, Riesel, etc., other pertinent references are Williams [94], [95], 
[95a] and Gary Miller [96]. The last contains an idea related to strong 
pseudoprimes. Certain factorization methods that give a complete fac¬ 
torization may also be used for primality tests if n is not too large. We 
return to them later; see [65], [78], [97]. 

In contrast to these highly technical, but very effective, methods we 
close this section with a new necessary and sufficient condition for 
primality that has more charm than utility [98]. 

Consider Pascal’s Arithmetical Triangle with each row displaced two 
places to right from the previous row. The n + 1 binomial coefficients 
of (A + B) n are ( ^), A: = 0,1,..., n, and are found in the n -th row 
between columns 2 n and 3 n inclusive. Each coefficient in the n-th row 
is printed in bold-face if it is divisible by n. 

Then we have 


Column No. 

0 1 2 3 4 5 6 7 8 9 10 II 12 13 14 15 16 17 18 19 20 21 22 23 
0 1 

1 11 
2 12 1 


3 

4 

5 

6 

7 

8 
9 

10 

11 


13 3 1 

1 4 6 4 1 

1 5 10 10 5 1 

1 6 15 20 15 6 1 

1 7 21 35 35 21 7 1 

1 8 28 56 70 56 28 8 

1 9 36 84 126 126 
1 10 45 120 
1 11 


Row No. 
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Theorem 85. The column number is a prime if and only if all 
coefficients in it are printed in bold-face. 

For a proof, see [98]. 


70. Fermat's Last “Theorem,” II 


The ratios 


144 


72 


367 - 0.892 and M - 0.393 

on page 153 are very suggestive; they are nearly equal and one asks: 
What is this number? Since a prime p must pass a gauntlet of 
(p - 3)/2 numbers B n in Definition 40 (page 153) in order to be 
regular, we may heuristically estimate the probability P of regularity 

by 

/ -* \ (« — ii) /'Z 

(354) 


-K) 


(P~8)/2 


if we assume that the numerators of the B n are equidistributed (mod 
p). Then P~ e _1/2 = 0.60653 as p —> oo, and the density of irregular 
primes is therefore given by 


Conjecture 22 (Lehmer [99], Siegel [100]). If I(N) is the number of 
irregular primes ^ N then 

I(N) ~ (1 - e - 1/2 )- 7 t(N) = 0.39347ir(N) (355) 

as N —* oo. 

If Conjecture 22 were true, then by Theorem 64, Conjecture 16 would 
be true for at least three-fifths of all prime exponents. 

Conjecture 16 itself is now true for all exponents == 125000 by 
Wagstaff’s calculations [101]. Further, he gives 7(125000) = 4605 and 
ir( 125000) = 11734. Their ratio equals 0.39245, in good agreement with 
(355). The index of irregularity j( p) is the number of B n in Definition 
40 divisible by p; regular primes have j(p) = 0 and irregular primes 
have j( p) 2: 1. A related conjecture is 

Conjecture 23. 

J(N) = ft j{p) ~\v{N). (356) 

The heuristic argument is now even simpler if the same equidistribu- 
tion is assumed. Wagstaff’s data gives J(125000) = 5842 and 
J( 125000)/7r(125000) = 0.49787, in good agreement with (356). More to 
the point is the fact that N = 125000 is not exceptional: J(N)/ tt(N) 
and I(N)/n(N) both have only small fluctuations up to this limit. 
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Of the three conjectures, Conjectures 16, 22, and 23, the last is the 
weakest, but conceivably it may be the least difficult to prove. If it is 
proved, then Conjecture 16 is true for at least one-half of all prime 
exponents. 

Turning to Conjecture 17, it is now true for all p < 3 • 10 9 since, as 
we indicated above [91], the only violations of Wieferich’s (208) for 
p < 3 • 10 9 remain the old cases, p = 1093 and 3511. Prior to [91], 
everyone quoted the Lehmers’ smaller bound 253, 747, 889, but this may 
have become invalid shortly after they computed it [27] in 1941. The 
reason is that they not only assumed the validity of the criteria in (208) 
and (209) but also that of all such criteria: 

p 2 \ Q p l ~ 1 (357) 

for every prime q ^ 43. In 1948 Gunderson [102] questioned the valid¬ 
ity of the proofs that had been given for (357) for the last three cases: 
q = 37, 41, and 43. 

Nonetheless, using (357) only for q ^ 31, he deduced a bound for 
Conjecture 17 that was larger than 253,747,889, namely 

p < 1.1 • 10 9 . 

He showed (Theorem N) that if 

P 2 \qf- X ~ 1 (358) 

for the first n primes: q 1 = 2, q 2 = 3, q s = 5,.. . , q nJ then p satisfies the 
inequality 

fiog-^r 

(2n — 2)! 2 \_V2j_ p - 1 , 59) 

(n - 1)! (n - 1)! n\ log q x • log q 2 ■ ■ ■ log q n 2 

Designating the left side by f n ( p), one finds that the iterative sequence 

p = 2f n (p) + l (360) 

converges fairly rapidly to the desired bound for p. Since 31 = q u , the 
use of (360) for n = 11 gives Gunderson’s bound for Conjecture 17 more 
precisely, namely, 

p < 1,110,061,000. 

If the validity of (357) is proved for q 12 = 37 one gets a new bound: 

p < 4,343,289,000. (361) 

If q 13 = 41 and q u = 43 are also good, this becomes 

p < 57,441,749,000, 

and if q 15 = 47,. .., q w = 71 are also good, we have 

p < 32,905,961,000,000. 
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Since (361) is already better than the present bound 3 • 10 9 , the order of 
the day seems clear: investigate (357) for q = 37. If it is true, then we 
have a new bound; if not, there must be an interesting mathematical 
reason for this failure. 

Concerning Euler’s generalization designated as Open Question 2 on 
page 158, I am pleased with my intuition there. I refused to call it a 
conjecture, since I said that there was no serious evidence for it. 
Several years later a counter-example 

144 5 = 27 5 + 84 5 + 110 5 + 133 5 (362) 

was found by Lander and Parkin [103], Curiously, no other counter-ex¬ 
ample is known. The most probable reason is that further computations, 
as in [104], have simply not gone far enough. 

Since Open Question 2 is settled, let us replace it with 

Open Question 3. Is there a nontrivial solution of 

A 4 = B 4 + C 4 + D 4 ? (363) 

Although (363) has been investigated frequently, there is insufficient 
evidence to warrant a conjecture. One often reads that the methods of 
algebraic geometry are very powerful. Perhaps it is not too unfair to 
challenge the algebraic geometers with (363): find a solution or prove 
that none exists. No doubt algebraic geometry itself would be the main 
beneficiary, since new developments would probably be required. 

Exercise 168 (W. Johnson [105]). Determine the probability of j(p) 
= n, using the previous assumption. For n = 0, we gave P = e -1/2 
above. 

Exercise 169. The absence of Wieferich Squares p 2 for 3511 < p < 
3 • 10 9 does not contradict Exercise 158, since the probable number in 
this interval is only 0.983. Using (208) and (209) and the sum 

OO 

2 p~ 2 y what is the probability of a counter-example for Conjee- 

p = 3 • 10 9 

ture 17? 

71. Binary Quadratic Forms with Negative Discriminants 

The most classical of classical number theory is the theory of binary 
quadratic forms. Yet even here there has been significant development. 
We cannot adequately treat all of these topics here, since we largely 
confined ourselves above to the classical problems 

p = a 2 4- Nb 2 , x 2 - Ny 2 = ± 1 

that initiated the subject and to their immediate generalizations. 

Starting with Fermat's Theorem 60, we might add a survey of 
computational methods [106] and one new short-cut [107]. For Theorem 
69, let us extend the data for R(N) given in Ex. 119 with the results 
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given in [108] and the references cited there: 

R{ 10 6 ) = 3141549, = 314159053, 

^(lO 10 ) = 31415925457, A(10 12 ) = 3141592649625, 

fl(10 14 ) = 314159265350589. 

There has also been interest in Landau’s function B(x), which counts 
each integer n = a 2 + b 2 ^ x only once no matter how many repre¬ 
sentations it may have [109]. 

In the generalization 

rp = a 2 + Nb 2 (364) 

on page 167, we wish to make r = 1 if possible and to minimize it 
otherwise. This relates, as we indicated on pages 153, 154, and 168, to 
questions involving unique factorization and to those concerning the 
density of primes generated by quadratic polynomials. In an important 
development, H. M. Stark proved [110] that for negative N the 
quadratic field k(VN ) has unique factorization only for 

N = -1, - 2, - 3, - 7, - 11, - 19, - 43, - 67, - 163. (365) 

A. Baker [111] and K. Heegner [112] have given other approaches to 
this long-sought theorem. Correspondingly, the famous polynomial 
n 2 + n + 41, which has -163 for its discriminant, must have a very 
high density of primes. In [56] we find that we should take C = 3.31977 
in (338) with k = 1. Paul T. Rygg [113] has counted these primes up to 
n = 10 6 , and his count does agree very well with (338). 

For computational developments on (364) we refer to published tables 
such as [114], to reviews thereof, such as [115], and to improved 
algorithms, such as [83, sec. 6]. An example in the latter solves (364) for 
every N from 1 to 150 inclusive for a remarkable prime 

p = 26437680473689 (366) 

that we will refer to repeatedly below. Such solutions are possible only 
because (— iV| p) = +1 for all N between 1 and 150 for this prime. The 
generalization of Landau’s B(x) to n = a 2 + Nb 2 ^ * has been studied 
in [116]. 

Much (but not all) of the recent development in factorization methods 
involves binary quadratic forms either explicitly or implicitly. Our 
Theorem 76 above is closely related to the Lehmers’ algorithm [97], 
which may be used both for factoring and for primality tests. The 
previously cited [78] has these same features; however, it derives its 
greater efficiency not from Theorem 76 but from more advanced ideas 
involving class groups and composition that we did not study above. We 
must therefore drop the topic, even though it would fit in nicely with 
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our previous text; the class groups are Abelian and their cycle graphs 
are particularly informative. We continue with other references for 
new factorization methods in the next section. 

In view of the historical importance of Pythagorean numbers (see 
Fermat's statement to Frenicle, on page 161) it is curious that the 
obvious three-dimensional analogue was not examined earlier. As far as 
I know, it is new. In how many ways can we solve 

p 2 = a 2 + b 2 + c 2 for 0 < a ^ b ^ c (367) 

if p is an odd prime? The elegant answer is in 

Theorem 86. Write p uniquely as p = Sn ± 1 or p = Sn ± 5. Then 
(367) has exactly n solutions . 

Examples: p = 3, 7, and 13 each have one solution, p = 5 has none, 
and p = 19 has three. 

9 = 1 + 4 + 4, 49 = 4 + 9 + 36, 169 = 9 + 16 + 144. 

361 = 1 + 36 + 324 = 36 + 36 + 289 = 36 + 100 + 225. 

For a proof, see [117]. It is based on known classical results involving 
ternary forms (see page 246). 

Exercise 170. Determine the nine solutions of (367) for p = 73. Note 
that 73 2 - 12 2 = 61 * 85 gives rise to four of them. 

72. Binary Quadratic Forms with Positive Discriminants 

In contrast with (365) we list 

Conjecture 24. There are infinitely many quadratic fields k(VN ) for 
N > 0 that have unique factorization. 

This is an important conjecture, since its proof will require a deep 
insight not now available. For the large p in (366), k(Yp ) has class 
number h = 1 and therefore unique factorization. Empirically, that is 
not surprising; for about 80% of known k(Yp ), where p is a prime 
= 1 (mod 4), we have h — 1 [118]-[120], and this empirical density 
decreases only very slowly as p increases [121]. Therefore, the a-priori 
odds actually favor h = 1 for the prime in (366). While there are only 
nine cases in (365), many thousands of such fields have been recorded 
for N > 0. 

The difference arises from the fact (page 173) that one has infinitely 
many units when N > 0. We must generalize Fermat's equation (236) 
to include the possibilities indicated in Exercises 124 and 144. That 
done, we have 

Definition 45. If T and U are the smallest positive integers that 
satisfy 


T 2 - U 2 N = ±4 


( 368 ) 
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e = ( T + UVN )/2 (369) 

is called the fundamental unit of k(VN ) and R = log e is called its 
regulator. 

To be brief, it is known that the product 2 Rh/VN plays the same 
role if N > 0 that the product irh/V^ N does if N < 0. In the latter 
c ase, t he class number grows (on the average) proportionally to 
V^-~N ; while in the former, Rh grows (on the average) proportionally 
to VN . Thus, if R is big enough, there is no reason why h cannot equal 
1 no matter how big N becomes. So the real question is this: Why are 
the fundamental units (369) frequently so large? This takes us back to 
the very beginning. When Fermat and Frenicle challenged the English 
(page 172) with N = 61,109,151, 313,..., they may not have realized 
it, but k( VN ) has h = 1 in all of those cases. 

For the p of (366) the smallest u that satisfies u 2 — pv 2 = - 1 has 
9440605 decimal digits [122]. That makes even the answer to the famous 
Archimedes Cattle Problem [123], [124] look small. The regulator of 
k( V p ) is 21737796.4. It is that large because (a) the class number is 1, 
(b) P is large, and (c) (p\q) = + 1 for q = 3, 5, 7,..., 149. This last 
point is significant, since an “average” p this size, not having this 
unusual property, would have a u with only 1116519 digits. 

Digressing briefly, it is the last point (c) that gives p its mathematical 
interest (not its gigantic u). It is the smallest prime = 1 (mod 8) that 
has (p\q) = + 1 for q = 3 to 149. The Riemann Hypothesis puts a limit 
on how long a run of residues a prime of a given size can have, and p 
was computed by the Lehmers and myself precisely to test this limit 
[125]. 

Had Frenicle persuaded Lord Brouncker to compute the continued 
fraction for Vp , they would have found [126] that its period is 
18331889. But a new development makes it possible to compute R 
accurately in a few seconds of machine time. Exercise 141 shows how to 
use symmetry to cut the computation in half. It turns out (surprisingly) 
that symmetry is not essential here; the use of composition and 
quadratic forms allow a doubling operation anywhere in the period, and 
therefore repeated doubling is also possible [122]. 

For h = 1 in cubic and quartic fields, see [120] and [127]—[129], while 
for three interesting continued fractions, see [130]-[132]. 

Returning to factorization, the continued-fraction method [133] is 
complicated but extremely powerful. An interpretation of it in terms of 
quadratic forms [134] is of interest; and subsequently this led to a 
greatly simplified method [135], [136], which loses much of the previous 
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power but all of the complexity. It is now so simple and requires so 
little storage that one can factor 

2«» + 2 30 - 1 = 139001459 • 8294312261, 

2 51 — 7 = 17174671 • 131111671 

on a little HP-67 even though this only computes with 10-digit numbers. 
Other recent developments in factorization are by Lehman [137], 
Pollard [138], and J. C. P. Miller [139]. For a survey article, see Guy 

[140] , 

Exercise 171. Since 17174671 has a unique representation A 2 + 
1905 2 for A = 3991 and B = 81, it is prime. Why do we select 190? 

[141] - 

73. Lucas and Pythagoras 

Our estimate on page 198 that there will be “about 5” new prime M p 
for 5000 < p < 50000 needs little revision, if any. Four have been found 
for p < 21000 and “about 5” still seems a reasonable guess. Gillies [142] 
has found prime M p for p = 9689, 9941 and 11213, and Tuckerman [143] 
has found M 19937 . 

Gillies included a statistical theory, based upon unproved hypotheses, 
which implies that about six or seven prime M p should be expected in 
each decade: A < p < 10A. Ehrman studied these Gillies hypotheses 
[144] and interpreted previous data [145] on the distribution of the 
number of divisors M p has below a given bound B. These distributions, 
and those in (331), constitute first steps in understanding M p . 

There has been no computation of M p to my knowledge since that of 
Tuckerman [143]. That is surprising, since it was at that very time that 
Knuth had begun to publicize [146] the new Strassen-Schonhage “fast 
Fourier multiplication” algorithm for which one has 

Theorem S. It is possible to multiply two n-bit numbers in 
0(n log n log log n) steps. 

This leaves open the pertinent question: For what n does this become 
competitive with the older 0( n 2 ) multiplication? It does seem to offer 
an escape from our statement on page 195 that the Lucas arithmetic for 
M p is roughly proportional to p 3 , and I do not know why this has not 
been exploited. 

We should add that the theory of Lucas sequences plays a large role 
in many of the new primality tests referenced above, not merely in 
tests for M p . 

Returning to the beginning of Chapter III, the Case for Pythag- 
oreanism remains an important philosophical proposition. I know of no 
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serious discussion or refutation that has appeared anywhere; Eves [147] 
merely copied our list without advancing the question. It is therefore 
unnecessary to strengthen the case here, but two additions and one 
subtraction should be made. The genetic code in DNA and recent 
theories of elementary particles are almost pure Pythagoreanism, and it 
is hard to conceive of two more fundamental things in the universe. On 
the other hand, let us delete Eddington’s speculation that he/2m 2 — 
137 from our page 137. It mars a good case, since subsequent measure¬ 
ments [148] have given 

he/2m 2 = 137.0388 ± 0.0019. 

74. The Progress Report Concluded 

We are nearly done; but even the Supplement and the commentary in 
the first edition References need updating. For more on Exercises 4S 
and 8S, see [149] and [150], respectively. Finite geometries, as in 
Exercise 5S, arise in interesting number-theoretic situations; cf. [120, 
page 30], 

Waring’s Conjecture (page 211) that every positive integer is the sum 
of I(k) non-negative /c-th powers is now even more “nearly” proven— 
but still not completely. Rosemarie Stemmier [151] completed a verifi¬ 
cation for all A; up to 200,000, excluding the two hard cases k = 4 and 5. 
Mahler [152] had already shown that g(k) ¥=I(k) for at most a finite 
number of k. Continuing developments of Baker’s method [111] suggest 
that a proof will be found for all k > 200,000, but this has not yet been 
done. As we indicated on page 212, k = 4 is the hardest case. Chen [153] 
has now proved that g{b) = 7(5) = 37 and, while there has been pro¬ 
gress on g( 4), its value remains unsettled. It seems likely that Waring’s 
Conjecture will be completely proved in due course. 

Dickson’s valuable History [1] has been reprinted by Chelsea; and the 
dedicated scholar we called for on page 243 has turned out to be Wm. J. 
LeVeque. His six-volume [154] collection of reviews, while not quite 
equivalent to Dickson’s History, is certainly a valuable aid to research. 

This progress report confirms the statement in the 1962 preface that 
“number theory is very much a live subject.” Even within the limited 
confines of our previous subject matter, the progress made since then is 
impressive. 



STATEMENT ON FUNDAMENTALS 


The logical starting point for a theory of the integers is Peano’s five 
axioms. From these one can define addition and multiplication and prove 
all the fundamental laws of arithmetic, such as 

a d - b — b *4" My 

a(b + c) = ab + ac, 

a(bc ) = ( ab)c , 

etc. The reader knows that we have not done this. We have assumed all 
these fundamentals without proof, and even without explicit statement. 
Sometime, however, if he has not already done so, the reader should go 
through this development, and he can hardly do better than to read 
Landau’s Foundations of Analysis , Chelsea, 1951. 

Similarly we have skipped over the simpler properties of divisibility. We 
have not defined “divisor,” “divisible,” “even,” etc. If there is an integer 
c such that 

ac = b 

we say a is a divisor of b. If 2 is a divisor of b we say b is even, etc. For these 
elementary definitions, and for such theorems as 

a\b and b\c implies a\c, 

a\b and a\c implies a\b + c, 

etc., the reader is referred to Chapter I of a second book of Landau, Ele¬ 
mentary Number Theory , Chelsea, 1958. 

One of these elementary theorems should, however, be singled out for 
special mention. This is the Division Algorithm: 

Theorem. If a > 0, then for every b there are unique integers q and r, with 
0 ^ r < a, such that 

b = qa + r; 

that is, there is a unique quotient q and a unique remainder r. 

This theorem is indeed a fundamental one in the theory of divisibility. 
It enters the theory via the Euclid Algorithm (page 8) and elsewhere. 
The proof runs as follows. Let b — x l a be the smallest non-negative 
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integer of all integers of the form b - xa, with x an integer. Set q = x 1 and 
r = b - go. Then one shows that 0 ^ r < a, whereas for any other x 2 , 
r 2 = b - x 2 a would not satisfy one, or the other, of the inequalities in 
0 ^ r 2 < a. 

The key argument is the fact that there exists a smallest non-negative 
b — xa. This is guaranteed by the Well-Ordering Principle (page 149). As 
is stated on page 149 the latter is equivalent to the principle of induction 
(Peano s fifth axiom), and thus is the principle which gives the integers 
their special (discrete) characteristics. 




TABLE OF DEFINITIONS 


Definition 


Page 


1) perfect number 

2) prime, composite 

3) greatest common divisor, (a, b), a is prime to b 

4) a\b, a\b 

5) M n , Mersenne number 

6) [x] 

7) ir(n) 

8) asymptotic,/(x) g(x) 

9) Euler’s phi function 

10 ) ir a ,b ( n ) 

11) equinumerous 

12) Legendre Symbol, 

13) Original Legendre Symbol, (a|<?) 

14) P„ (N) 

15) b = c (mod a), congruent to, modulo, residue of, residue class, 

modulus 

16) a~ l (mod m), reciprocal 

17) group, closed, associative, identity, inverse 

18) Abelian group, finite group, order of the group 

19) modulo multiplication group, 91l m 

20) quadratic residue, quadratic nonresidue 

21) -\/a (mod p) 

22) a is of order e modulo m 

23) primitive root 

24) cyclic group, generator 

25) isomorphic groups, a ^b, 3TC m ^ 3Tl m - 

26) circular parity switch 

27) cycle of a modulo m 

28) subgroup 

29) <j> m 

30) 4> m , characteristic factor, f r 

31) quadratfrei 

32) fermatian 

33) Fermat number, F m 
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5 

5 

14 

14 
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31 
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94 

114 

115 
115 


241 



Solved and Unsolved Problems in Number Theory 


Definition p age 

34) Carmichael number 110 

35) Wieferich Square H 5 

36) almost all H 7 

37) Pythagorean numbers 121 

38) Gaussian integers 149 

39) Bernoulli number, B n 152 

40) regular prime 153 

41) r(n), R(n) 1 62 

42) Fibonacci primitive root.224 

43) a-pseudoprime, C a (N), Euler a-psp, E a (N), c(N ).226 

44) strong a-psp, S a (N) .227 

45) fundamental unit, regulator.236 
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